NTLM Auth Help
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Tue Jun 2 21:57:10 CEST 2009
Hi,
> If I follow the logic as supplied by Neil, and remove the "--domain" option
> then this works fine for all users in all domains, and machines in same
> domain that winbind was joined to, but not machines from remote domains. If
ah! multiple remote domains - not in a forest of trust?
> I can't really see anyway to resolve this, other than moddifing the
> ntlm_auth line based on some unlang logic to cut out the uk, us, and au bit
> from the "X.mycompany.local" supplied domain name in the "host/" username.
> Is this even possible though??
that could work....hmm something along the lines of
if (%{User-Name} =~ /.domain.wanted/({
ntlm_auth blah blah --domain DOMAINWANTED
}
etc etc so ntlm_auth gets fired off with the right stuff...no playing
with User-Name
alan
More information about the Freeradius-Users
mailing list