Try this ntlm_auth string (Watch for page breaks in email) ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{mschap:User-Name} --challenge=%{mschap:Challeng e} --nt-response=%{mschap:NT-Response}
> -----Original Message----- > From: > [EMAIL PROTECTED] > g > [mailto:[EMAIL PROTECTED] > adius.org] On Behalf Of Chris Liles > Sent: Wednesday, May 10, 2006 3:51 PM > To: FreeRadius users mailing list > Subject: RE: with_ntdomain_hack > > You are right, it was that I was lowercasing the username > before authentication... > After I turned that off, I am getting further, it still > doesn't work and I believe it is because of a problem with > "Stripped-User-Name" and ntlm_auth > > ntlm_auth is getting called with the entire username > "DOMAIN\user" and not "user" I don't understand why, as in > the config file it says: > --username=%{Stripped-User-Name:-%{User-Name:-None}} > > I didn't edit that part of the ntlm_auth line, just corrected > the path.. > I know this is a problem because when I use ntlm_auth from > the command line I can't use --username=DOMAIN\user I have to > use --username=user > > I hacked up the line to just say %{Stripped-User-Name} but > that value must be null or something, because then ntlm_auth > gets called with "--username=" > > Any thoughts as to why I can't get the DOMAIN\ stripped when > calling ntlm_auth > > Thanks! > > -- > Chris Liles > System Analyst > Air2Web, Inc. > 1230 Peachtree St. N.E. > 12th Floor > Atlanta, GA 30309 > > > -----Original Message----- > From: > [EMAIL PROTECTED] > ius.org > [mailto:[EMAIL PROTECTED] > .freeradius.org] On Behalf Of King, Michael > Sent: Wednesday, May 10, 2006 3:39 PM > To: FreeRadius users mailing list > Subject: RE: with_ntdomain_hack > > > > > -----Original Message----- > > I can't seem to figure out how to get with_ntdomain_hack set > > correctly. > > > > I am trying to get peap going against active directory with winbind. > > > > It works if I enter in the username and password from the windows > > supplicant prompt, but when I set the supplicant to send the > > information automatically it is appending the domain\ onto the > > username, and I can't get it to work? > > > > > I don't think it's the ntdomain hack that is the problem (It > should be on, and I'm only aware of it being located in the > radiusd.conf file, just above the ntlm_auth line > > I'd double check that your Samba config is correct. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html