I was able to get ntlm-auth working with AD integration. But unfortunately this stops the existing users in the users' file from being check. Whenever I have the "ntlm_auth =" line configured in modules/mschap, my users file is not check. If I comment out "ntlm_auth" the users file works again.
Is there any possibility to getting both the files and the ntlm_auth methods functional inside MSCHAP? -Nathan Van Fleet > -----Original Message----- > From: freeradius-users- > bounces+nmcdavit=alcor.concordia...@lists.freeradius.org > [mailto:freeradius-users- > bounces+nmcdavit=alcor.concordia...@lists.freeradius.org] On Behalf Of > Jonathan Hutchins > Sent: Tuesday, April 20, 2010 11:42 AM > To: Thibault Le Meur > Cc: FreeRadius users mailing list > Subject: Re: PopTop > > On Tuesday 20 April 2010 03:27:19 am Thibault Le Meur wrote: > > > Yes it is true, but this part seems easy once you've understood how > to > > migrate from FR1 to FR2 which is required anyway to do a proper > > migration. > > Is there a doc that specifically addresses migration? > > > In fact this would be only a 3 lines changes in the article, so this > > is easy to fix as most of this HowTo is related to setting other > > components that FR ;-) > > Can I help get those changes made, perhaps by testing the howto? The > section > on the Dictionary would seem to be unnnecessary for most packaged > distributions. > > > > I moved from a rather ancient Gentoo server that I believe was > using an > > > 1.x version to Debian Lenny 2.0.4, then upgraded to the 2.1.8 > backport, > > > and I can't get it to parse DOMAIN//user properly - it ignores the > > > separator and comes up with a null "realm". Curiously, it later > displays > > > the username as DOMAIN/name. > > > > I can't help here, because I'm not using realm for PopTop > authentication. > > I wasn't intending to either, I was following your PopTop doc exactly. > > > However I would check you modules/realm file and the ntdomain realm > > definition. Then I would double check that the ntodimain instance is > > enabled in your pre-acct and authorize section. > > Searching for where to enable this now. I wonder if there is any > different > handling for the "\\" vs "\". > > Since I don't have a working config yet, I would be happy to strip it > back to > defaults and test your howto. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html