PEAP and ntlm_auth

Dick dm at chello.nl
Thu Sep 29 22:55:47 CEST 2005


Hi all,

I've got a small problem with FreeRadius, I'm trying to forward NTLM
authentication to a NT domain by using ntlm_auth but the %{Stripped-User-Name}
is empty.
I've enabled ntdomain in authorize { } and preacct { }, but it doesn't seem to
translate "%{User-name}" as "NTCORP01\\USER" to "%{Stripped-User-Name}" as"USER".

When I use "ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=USER" it
works (but only for USER ;-)).

with_ntdomain_hack in preprocess { } it breaks PEAP (as mentioned earlier on
this list).

Should I create a wrapper script for ntlm_auth (to strip the %{User-name}) as a
workaround or can I use another FreeRadius trick?

Thanks,

Dick




More information about the Freeradius-Users mailing list