NTLM

Paul Ryszka paul at webangel.ie
Wed Nov 4 13:07:17 CET 2009


Hi,

I was setting up NTLM auth against AD and it works well however I wanted
to add another server sections in the config and that was working ok too
up to the point when somebody wants to do mschap authentication against
something else than AD 
I followed the recommendations and add the following:
        with_ntdomain_hack = yes
        ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username={mschap:User-Name:-None}
--domain={mschap:NT-Domain:-WEBANGEL} --challenge={mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"

to the module section in mschap but now it seams that it cannot do any
other backends
I have sql engine returning ok before mschap
and than mschap returning reject and whole request is rejected.
I attach log of activity from radius -X 
I would like to have two separate server sections 
one authenticating against AD and the other against SQL and I would like
the end-client to be able to use MSCHAPv2 to use both.

Thank you in advance for your help.

Regards
Paul


-------------- next part --------------
A non-text attachment was scrubbed...
Name: radius.log
Type: text/x-log
Size: 21924 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20091104/8ae78dda/attachment.bin>


More information about the Freeradius-Users mailing list