Talking to Windows 2003 AD

Alan Buxey A.L.M.Buxey at
Wed Mar 17 18:23:37 CET 2010


>  Now when I go to the next step and enable this in /etc/raddb/modules/mschap
>         ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username==%{%{Stripped-User-Name}:-%{User-Name:-None}} --domain=%{%{mschap:NT-Domain}:-OURDOMAIN} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"

radiusd -X

and show us at least that bit where that command is called.

you have 2 == is your command. is that intentional?  you are allowing usernames
that havent been sanitised or are blank (none) - is that intentional?


More information about the Freeradius-Users mailing list