I am trying to set up a Clearpass evaluation where the Clearpass server runs offsite, so I can't use AD integration.
I have setup a Generic LDAP Authentication source, but when I try to to test validation from my controller, it fails:
Error Code:
216
Error Category:
Authentication failure
Error Message:
User authentication failed
Alerts for this Request
RADIUS SJS-UNV LDAP - 109.110.111.112: User not found.
MSCHAP: Authentication failed
The logs says:
Request log details for session: R0000000e-01-502247da
Time Message
2012-08-08 13:04:58,423 [Th 5 Req 14 SessId R0000000e-01-502247da] INFO RadiusServer.Radius - rlm_service: Starting Service Categorization
2012-08-08 13:04:58,429 [RequestHandler-1-0x43871940 r=auto-31 h=47 r=R0000000e-01-502247da] INFO Core.ServiceReqHandler - Service classification result = RadTest
2012-08-08 13:04:58,430 [Th 5 Req 14 SessId R0000000e-01-502247da] INFO RadiusServer.Radius - rlm_service: The request has been categorized into service "RadTest"
2012-08-08 13:04:58,430 [Th 5 Req 14 SessId R0000000e-01-502247da] INFO RadiusServer.Radius - rlm_ldap: searching for user testuser in Ldap:109.110.111.112
2012-08-08 13:05:00,361 [Th 5 Req 14 SessId R0000000e-01-502247da] ERROR RadiusServer.Radius - rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication.
2012-08-08 13:05:00,361 [Th 5 Req 14 SessId R0000000e-01-502247da] ERROR RadiusServer.Radius - rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
I have tried using cleartext, NT Hash and LM hash passwords, but I just can't get it to work.
I have attached a screenshot of the Auth Source Primary tab
Any help is much appreciated!
kind regards
Mikael
Denmark