ntlm_auth and AD authentication
freeradius at corwyn.net
freeradius at corwyn.net
Mon Nov 23 16:24:58 CET 2009
freeradius2-2.1.7-2.el5
freeradius2-utils-2.1.7-2.el5
freeradius2-libs-2.1.7-2.el5
CentOS 5.2
I'm trying to get freeradius to authenticate with an AD server, using
the instructions at
http://deployingradius.com/documents/configuration/active_directory.html
The initial confirmation of communication with AD is working. The
instructions then say to try:
ntlm_auth --request-nt-key --domain=MYDOMAIN --username=user
--password=password
to confirm, and it looks like it's working. However, the instructions
also indicate you should also see the NT_KEY output, which is needed
in order for FreeRADIUS to perform MS-CHAP authentication.
However, whether I use
ntlm_auth --request-nt-key --domain=MYDOMAIN --username=user
--password=password
or
ntlm_auth --domain=MYDOMAIN --username=user --password=password
the output/response looks the same:
NT_STATUS_OK: Success (0x0)
which leads me to believe that the nt-key isn't being provided? What
is the nt-key supposed to look like? If it's not showing up
correctly, any ideas why?
thanks
Rick
Rick Steeves
http://www.sinister.net
In reality nothing is more damaging to the adventurous spirit within
a man than a secure future - Alexander Supertramp
More information about the Freeradius-Users
mailing list