MSChap via ntlm_auth problem

Anton Brinyov anton.brinyov at gmail.com
Tue Aug 18 18:56:06 CEST 2009


2009/8/18 Alan Buxey <A.L.M.Buxey at lboro.ac.uk>:
> Hi,
>
>> The problem appears in any case - with or without require-membership option.
>>
>> > which version of SAMBA are you running? Latest version is known to have
>> > issues - they've changed things with its output.
>>
>> I use samba 3.0.35 on FreeBSD 7.2 box.
>>
>> > also, recommend you change the command to have this instead
>> >
>> > --username=%{Stripped-User-Name:-%{User-Name:-None}}
>> >
>> > that'll get rid of that annoying output error
>>
>> I have the following command:
>>
>> ntlm_auth = "/usr/local/bin/ntlm_auth --request-nt-key
>> --require-membership-of=CENTAURA+InternetUsers
>> --username=%{Stripped-User-Name:-%{User-Name:-None}}
>> --challenge=%{mschap:Challenge:-00}
>> --nt-response=%{mschap:NT-Response:-00}"
>>
>> If I call it from shell with options from radius request - I get result:
>>
>> # /usr/local/bin/ntlm_auth --request-nt-key
>> --require-membership-of=CENTAURA+InternetUsers --username=BAS
>> --challenge=6b6f49357dccee7c
>> --nt-response=ce2480f1e35c222a4d3481b83ee78854094394517f29d9ec
>>
>> NT_KEY: A9B342EC3E218E54A330556C468415CD
>>
>> What can I do for getting some details about error?
>
> <clutching at straws>
> maybe escape the + in your command (ie \+ ?
> </clutching>
>

*The problem appears in any case - with or without require-membership option.*
The command can be looked like

ntlm_auth = "/usr/local/bin/ntlm_auth --request-nt-key
 --username=%{Stripped-User-Name:-%{User-Name:-None}}
 --challenge=%{mschap:Challenge:-00}
 --nt-response=%{mschap:NT-Response:-00}"

And output is the same as in previous case.

Thanks,
Anton



More information about the Freeradius-Users mailing list