Enabling NTLM causes the daemon not to start...

Matthew Newton mcn at freeradius.org
Thu Dec 6 10:58:43 CET 2018


On Thu, 2018-12-06 at 09:47 +0000, WAGHORN, Jason (NHS BORDERS) via
Freeradius-Users wrote:
> > > Mistake on the wiki; I've fixed it.
> > > This should be
> > >  Auth-Type pap {
> > > not just
> > >  pap {
> 
> Splendid - the daemon starts now - so anything else is my own fault
> :)

Great.

You also need to edit this file and set the domain correctly:

  # Loading module "ntlm_auth" from file /etc/raddb/mods-
enabled/ntlm_auth
  exec ntlm_auth {
        wait = yes
        program = "/usr/bin/ntlm_auth --request-nt-key --allow-mschapv2 
--domain=MYDOMAIN --username=%{mschap:User-Name} --password=%{User-
Password}"
        shell_escape = yes
  }

(You can also run that command from the shell manually and check that
it authenticates.)

> You've certainly done something right - sending the "-X" output,
> > > not -Xxxx or -Xx or whatever other people keep sending!
> 
> I try to follow the rules... I'm not Song Zou :)

Thanks, It's nice when someone actually reads them. Makes it easier for
everyone.

-- 
Matthew



More information about the Freeradius-Users mailing list