On Feb 19, 2009, at 11:11 AM, Tomas wrote:
Do I need to change my modules/mschap config? Currently I have:
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%
{Stripped-User-Name:-%{User-Name:-None}} --challenge=%
{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
As Ivan eluded to earlier, you need to use '--username=%{mschap:User-
Name}' in your ntlm_auth command-line. The mschap module automagically
turns 'host/PC1.ad.lab.com' into 'PC1$', (the username that AD uses to
authenticate the machine). You may also need to specify the domain
with '--domain=%{mschap:NT-Domain}'.
Mike Loosbrock
Bethel University Network Services
651-638-6723
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
