Hi all,
I've configured FreeRADIUS for PEAP and I'm forwarding the NTLM authentication
to our Windows Active Directory.
I'm using the following script to proxy the MSCHAPv2 NTLM credentials:
/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1 >> /tmp/log << @EOF
Username: ${1/NTDOMAIN01\\\\}
Full-Username: ${1}
LANMAN-Challenge: ${2}
NT-Response: ${3}
.
@EOF
(This doesn't work for FreeRADIUS yet, but I'm doing this for the logging data)
When I'm instructing the Windows supplicant to use the current credentials I
get the following error:
NTDOMAIN01\\eeto003 0c21e86b0baca9ea
7d7fe615f7d0d1a942e9c0ffb9a619b1be78ebf508e089d2
Authenticated: No
Authentication-Error: Wrong Password
.
When I tell windows to ask for my credentials and enter the username + password
+ domain it works:
Authenticated: Yes
.
Could someone please tell me what I might be doing wrong?
Is it 'normal' that I can't omit the Username (when the Full-Username is
supplied)?
TIA
Dick
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
