Remove with_ntdomain_hack in rlm_mschap?
aland at deployingradius.com
Thu Oct 27 08:02:57 CEST 2011
Phil Mayers wrote:
> Does this config option make any sense? Shouldn't it always be on?
I really have no idea....
> The only thing it controls is the username to feed into the MS-CHAP
> challenge generation, and AFAICT from RFC 2759, we should *always*
> ignore DOM\ for that. Certainly windows does.
If Windows does it...
> I found this out today - if you have "with_ntdomain_hack = no", ticking
> the "Use my windows credentials" box for wired/wireless 802.1x login
> doesn't work with a default FR config.
> Perhaps we should remove it for 3.x?
I'm OK with that.
More information about the Freeradius-Devel