LDAP的Freeradius-Cisco WLC-身份验证失败
[英]Freeradius with LDAP - Cisco WLC - Authentication Failing
问题描述
I am getting the following error in debug mode 
我在调试模式下收到以下错误
[mschapv2] +group MS-CHAP {
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Creating challenge hash with username: tuser
[mschap] Client is using MS-CHAPv2 for tuser, we need NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
I am pretty sure this is the issue. 我很确定这是问题所在。 I am using OpenDJ as the backend ldap server and using freeradius with ldap. 我将OpenDJ用作后端ldap服务器,并将freeradius与ldap一起使用。 Please tell me if I would be missing anything or if there is a specific configuration I have to make. 请告诉我是否会丢失任何东西,或者是否必须进行特定配置。 There is nothing network wise that is blocking ports. 没有什么网络可以阻止端口。 Note: I am using a Mac to authenticate. 注意:我正在使用Mac进行身份验证。
1 个解决方案
解决方案1
0 2019-08-09 14:31:13
Can you login locally on freeradius server with LDAP creds? 您可以使用LDAP凭据在freeradius服务器上本地登录吗?
radtest $login $pass 127.0.0.1 10 $secret
If yes, you should probably stop freeradius service and run "freeradius -X" which show you debug from the server side. 如果是,您可能应该停止freeradius服务并运行“ freeradius -X”,该脚本显示从服务器端进行调试。
Paste your sites-enabled/default config, do you have ms-chap uncommented there? 粘贴启用了站点的默认配置,您是否在其中未注释ms-chap?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.