Hi all, I just set up a Freeradius server (3.0 on Ubuntu 16.04). I want to use an OpenLDAP server (that has a UserPassword field with an NTLM hash and a prefix that is "{ntlm}", so a password looks like "{NTLM}0CB6948805F797BF2A82807973B89537". Now I would like Freeradius to strip the "{NTLM}" part, and then authenticate using that hash. Amongst server connection settings, I also added this to the ldap module configuration: password_header = "{ntlm}" #control:Password-With-Header += 'userPassword' control:NT-Password := 'UserPassword' I still get this when testing with an android device: Thu Sep 21 08:59:02 2017 : WARNING: (7) mschap: NT-Password found but incorrect length, expected 16 bytes got 38 bytes. Authentication may fail Thu Sep 21 08:59:02 2017 : WARNING: (7) mschap: No Cleartext-Password configured. Cannot create NT-Password Thu Sep 21 08:59:02 2017 : WARNING: (7) mschap: No Cleartext-Password configured. Cannot create LM-Password Thu Sep 21 08:59:02 2017 : Debug: (7) mschap: Creating challenge hash with username: MyUserName Thu Sep 21 08:59:02 2017 : Debug: (7) mschap: Client is using MS-CHAPv2 Thu Sep 21 08:59:02 2017 : ERROR: (7) mschap: FAILED: No NT/LM-Password. Cannot perform authentication Thu Sep 21 08:59:02 2017 : ERROR: (7) mschap: MS-CHAP2-Response is incorrect Do you guys have any tips for me on how to resolve this? Sorry if I left out any valuable info. Thanks, Maarten