[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: RADIUS AUTHENTICATOR---need HELP using MSCHAP and NTPASSWORD
From: "ego seek" <egoseek () gmail ! com>
Date: 2006-10-31 15:43:49
Message-ID: 190eb3b60610310743l2726f831x8b3a1c765dc986c5 () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Message: 6
Date: Mon, 30 Oct 2006 08:25:43 -0500
From: Michael Lecuyer <mjl@theorem.com>
Subject: Re: RADIUS AUTHENTICATOR---need HELP using MSCHAP and
NTPASSWORD
To: FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Message-ID: <4545FD57.1030202@theorem.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
This pretty much sums up the problem:
> rlm_mschap: No MS-CHAP-Challenge in the request
This is not a valid MS-CHAP request. You might want to look at the
actual attributes passed to see if this is really an MS-CHAP request. It
will contain Microsoft VSAs containing a MS-CHAP-Challenge and a
MS-CHAP-Response.
How I can do it?
ego seek wrote:
> I use Squid and RADIUS.
>
> Squid use Squid_radius_authenticator to authenticate a client and write
> a log in which there is the username and the http request.
>
> THE PROBLEM IS:
> In the radcheck table i put a value: "AUTH-TYPE" and set "MS-CHAP" for
> the user. his password is stored in NT-HASH format.
> when the authenticator try to authenticate the user, this is the output
>
>
> ".......
> rad_check_password: Found Auth-Type MS-CHAP
> auth: type "MS-CHAP"
> Processing the authenticate section of radiusd.conf
> modcall: entering group MS-CHAP for request 6
> rlm_mschap: No User-Password configured. Cannot create LM-Password.
> rlm_mschap: Found NT-Password
> rlm_mschap: No MS-CHAP-Challenge in the request
> modcall[authenticate]: module "mschap" returns reject for request 6
> modcall: leaving group MS-CHAP (returns reject) for request 6
> auth: Failed to validate the user.
> Login incorrect:[username/password]"
>
>
> can anybody help me?
> please.
>
>
>
> ------------------------------------------------------------------------
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
[Attachment #5 (text/html)]
Message: 6<br>Date: Mon, 30 Oct 2006 08:25:43 -0500<br>From: Michael Lecuyer <<a \
onclick="return top.js.OpenExtLink(window,event,this)" \
href="mailto:mjl@theorem.com">mjl@theorem.com</a>><br>Subject: Re: RADIUS \
AUTHENTICATOR---need HELP using MSCHAP and <br> \
NTPASSWORD<br>To: FreeRadius users mailing list<br> \
<<a onclick="return top.js.OpenExtLink(window,event,this)" \
href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org
</a>><br>Message-ID: <<a onclick="return \
top.js.OpenExtLink(window,event,this)" \
href="mailto:4545FD57.1030202@theorem.com">4545FD57.1030202@theorem.com</a>><br>Content-Type: \
text/plain; charset=ISO-8859-1; format=flowed <br><br>This pretty much sums up the \
problem:<br><br> > rlm_mschap: No MS-CHAP-Challenge in the \
request<br><br> This is not a valid MS-CHAP request. You might want to \
look at the<br> actual attributes passed to see if this is really an \
MS-CHAP request. It <br> will contain Microsoft VSAs containing a \
MS-CHAP-Challenge and a<br> MS-CHAP-Response.<br><br>How I can do \
it?<br><br><br>ego seek wrote:<br>> I use Squid and RADIUS.<br>><br>> Squid \
use Squid_radius_authenticator to authenticate a client and write <br>> a log in \
which there is the username and the http request.<br>><br>> THE PROBLEM \
IS:<br>> In the radcheck table i put a value: "AUTH-TYPE" and set \
"MS-CHAP" for<br>> the user. his password is stored in NT-HASH format. \
<br>> when the authenticator try to authenticate the user, this is the \
output<br>><br>><br>> ".......<br>> rad_check_password: Found \
Auth-Type MS-CHAP<br>> auth: type "MS-CHAP"<br>> Processing \
the authenticate section of radiusd.conf<br>> modcall: entering group MS-CHAP for \
request 6<br>> rlm_mschap: No User-Password configured. Cannot create \
LM-Password.<br>> rlm_mschap: Found NT-Password<br>> rlm_mschap: \
No MS-CHAP-Challenge in the request <br>> modcall[authenticate]: module \
"mschap" returns reject for request 6<br>> modcall: leaving group \
MS-CHAP (returns reject) for request 6<br>> auth: Failed to validate the \
user.<br>> Login incorrect:[username/password]" <br>><br>><br>> can \
anybody help me?<br>> please.<br>><br>><br>><br>> \
------------------------------<div style="direction: \
ltr;">------------------------------------------<br>><br>> -<br>> List \
info/subscribe/unsubscribe? See <a onclick="return \
top.js.OpenExtLink(window,event,this)" \
href="http://www.freeradius.org/list/users.html" \
target="_blank">http://www.freeradius.org/list/users.html</a></div>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic