mschap machine authentication
Alan DeKok
aland at nitros9.org
Thu Jul 20 17:15:15 CEST 2006
"Guillermo Vargas-DellaCasa" <gvargas-dellacasa at nhvweb.net> wrote:
> I found out that this is because Windows supplicant send the machine
> name as "host/quitelongmachinename.company.domain", and the mschap
> module of FreeRadius strip "quitelongmachinename" and use that when
> running ntlm_auth (it actually uses "quitelongmachinename$". But,
> ntlm_auth needs "quitelongmachin$" to work (i.e. only the first 15
> chars).
Good point... that change should be made in the mschap module.
> I'm not a programmer so probably what's above is not the nicer way to
> get the idea done, but hey, it worked pretty well. Now machine
> authentication works no matter how long the machine name is. Thought I
> would share it...
Thanks. We'll put a patch into a future release.
Alan DeKok.
More information about the Freeradius-Users
mailing list