Ntlm_auth Help
James J J Hooper
jjj.hooper at bristol.ac.uk
Thu Aug 24 22:39:27 CEST 2006
On 24 Aug 2006, at 21:24, King, Michael wrote:
> I'm building a new radius server. I'm copying an existing one.
>
> I'm getting the following error from freeRADIUS when I run it -x
> (FreeRADIUS 1.1.3)
>
> Exec-Program: /usr/bin/ntlm_auth --request-nt-key --username=mking
> --challenge=46b51a98d607a3a9 --nt-response=
> hex decode of failed! (only got 0 bytes)
^^^^^^^^ = of .... nothing because you have got --nt-
response= nothing. So decoding nothing doesn't work.
> Of course, if I run it via the command line, it works flawlessly.
> rad2:/etc/freeradius# ntlm_auth --username=mking
> password:
> NT_STATUS_OK: Success (0x0)
So ntlm_auth can talk to winbind, ...which can talk to the domain.
The problem is the cranky parameter --nt-response above.
> I've copied the ntlm_auth line from my working radius server (which is
> on 1.0.1, hence the reason I'm upgrading)
>
> ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
> --username=%{mschap:User-Name} --challenge=%{mschap:Challenge}
> --nt-response=%{mschap:NT-Response)"
^^^^^^^^^^^^^^^
You seem to have the wrong variety of bracket here!?? This may be the
reason --nt-response is being set to nul, and hence the above error.
Regards,
James
--
James J J Hooper
Information Services
University of Bristol
--
More information about the Freeradius-Users
mailing list