PEAP ntlm_auth strange behaviour
Jérémy Cluzel
j.cluzel at online.fr
Tue Mar 28 20:48:25 CEST 2006
James J J Hooper a écrit :
>Radius is working fine ... ntlm_auth is returning 'Logon failure' i.e
>either samba / your 2003 AD thinks the password is wrong (look at the event
>viewer on the domain controller) or you do not have permission to
>authenticate.
>
>
Well, I know that the password typed is good.
Moreover, if I run "ntlm_auth --request-nt-key --domain=CHRT
--username=jpbrunain" with the good password, I got this message:
"NT_STATUS_OK: Success (0x0)"...
So I think I have permission to authenticate.
>you could also try running the ntlm_auth command on its own without
>specifying the domain:
>
>/usr/local/bin/ntlm_auth --request-nt-key --username=jpbrunain
>--challenge=d8a9272386722a12
>--nt-response=db063bdf850cff582568f32a83da83315bac0a1c2adc19a2
>
>
I tried it and it failed, the error code returned was: "Logon failure
(0xc000006d)".
Where do these parameters (challenge and nt-response) come from ?
As far as I remember, I tried the following commands:
/usr/local/bin/ntlm_auth --request-nt-key --username=jpbrunain
--challenge=d8a9272386722a12
This one succeeded after entering the good password.
/usr/local/bin/ntlm_auth --request-nt-key --username=jpbrunain
--nt-response=db063bdf850cff582568f32a83da83315bac0a1c2adc19a2
The second one not, even with the good password... what does it mean ?
How to solve this ?
>and see if it works! (i have had problems when specifying the domain on the
>command line before)
>
>Regards,
> James
>
>
Thanks for your time.
Jeremy
>--
>James J J Hooper,
>Information Services
>University of Bristol
>--
>
More information about the Freeradius-Users
mailing list