freerad...@corwyn.net wrote:
At 06:15 PM 11/25/2009, you wrote:
There are dozens of them there. Just save what is quoted in the guide
(with adjusted text) as a file into raddb/modules directory.
Yeah, and in tinkering with module files I clearly haven't had success.
so you're saying create a (adjusted for my environment) file in
../modules:
rick_ntlm {
exec rick_ntlm {
ntlm_auth = "/path/to/ntlm_auth --request-nt-key
--username=%{mschap:User-Name:-None}
--domain=%{mschap:NT-Domain:-MYDOMAIN}
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
}
No, that's for mschap. Forget that section. You just want the first
section for pap requests.
and it should work? In part I ask because the examples for
radiusd.conf and mschap.conf are different.
Yes they are. One is for processing pap and other for processing mschap
requests.
I suspect I also have to put the reference to that new file (ntlm_rick
in this case) into inner-tunnel as well? And in the virtual server
config? In both the authorize{} and authenticate {} sections?
Just authenticate and default virtual server. Inner tunnel is for peap.
Ivan Kalik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
