free radius ntlm_auth problem
Alan DeKok
aland at deployingradius.com
Sat Oct 7 01:03:33 CEST 2006
Andris wrote:
...
> Usernames without whitespaces authorize succesfully. When
> run ntlm_auth manal and write usernames like 'user 1' than work. And
> i want put a NT group requirment too like a 'Domain Users' ntlm_auth
> string is:
>
> ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
> --domain=%{mschap:NT-Domain} --username=%{mschap:User-Name}
> --challenge=%{mschap:Challenge:-00}
> --nt-response=%{mschap:NT-Response:-00}"
Try using: ntlm_auth = '...', i.e. use single quotes rather than
double quotes. The issue appears to be that the User-Name string is
expanded *before* the 'exec program' code is being called.
That means the splitting of the program arguments by spaces is
hitting the space in the username. What *should* happen is that
entire string gets sent to the 'exec program' code, which splits the
string by spaces, and *then* expands User-Name.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list