> > Is there a how-to or tutorial for this simple case? I have > searched this list and google generally. I have read the > articles referred to on the FreeRadius home page and several > others and I still can't see how the configuration works. Any > and all help gratefully received. > > Steve. >
As for the simple how to, they're a few, but none that I would consider easy to follow. What your looking for this the following lines: (I have two ntlm_auth Lines, the original that is commented out, and the one that I use. They are long, so they will break across lines, but they are not that way in my config file) # Windows sends us a username in the form of # DOMAIN\user, but sends the challenge response # based on only the user portion. This hack # corrects for that incorrect behavior. # with_ntdomain_hack = yes # The module can perform authentication itself, OR # use a Windows Domain Controller. This configuration # directive tells the module to call the ntlm_auth # program, which will do the authentication, and return # the NT-Key. Note that you MUST have "winbindd" and # "nmbd" running on the local machine for ntlm_auth # to work. See the ntlm_auth program documentation # for details. # # Be VERY careful when editing the following line! # #ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}" ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{mschap:User-Name} --challenge=%{mschap:Challenge} --nt-response=%{mschap:NT-Response}" - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html