Pfsense + freeradius + Microsoft Active Directory
-
@stephenw10 I'm completely demotivated; I thought it was going to be simpler than it is, but it's not. The funniest thing is that, while looking at the packet capture in Wireshark, it finds the user I'm logging in with, but the mschap error "No NT-Password" keeps coming up nonetheless. I don't know what else to do. Is there anything that can be adjusted in the mschap file? I wouldn't know what, if anything. Or could something be tweaked in the LDAP attributes?
-
You're seeing that error because one side is expecting password to be sent but the other side never has the password to send.
What I suggest is to disable 'Enable LDAP for Authentication' because that cannot work with EAP types and then try to diagnose the error9s) without that. Which I expect to be an algorithm mismatch.
Steve
-
@stephenw10 should disable that option and change something in some config file? i disable and the error is the same
-
I wouldn't expect to have to make any other change there. You might try restarting Freeradius to be sure though.
-
This post is deleted!
