Radclient.c hack for ntlm_auth testing

Alan DeKok aland at deployingradius.com
Mon Feb 26 10:35:21 CET 2007

Dow, Corey wrote:
> Is there any way to get radclient working with chap and ntlm_auth? 


> If I try to use it with ntlm_auth, I get an Accept even with a bad password.

  That's arguably a bug in ntlm_auth, but you're also calling it

> radius_xlat:  '/usr/bin/ntlm_auth ntlm_auth --request-nt-key --domain=NETIDM
> --username=codo --password='

  There's no User-Password in the request, so the '--password=' argument
is getting passed nothing.  Don't do that.

  But even that isn't the issue.  The real issue is that you should not
be calling ntlm_auth with '--password=...' if there's no User-Password
in the request.

> I saw Alan's blog that states this isn't currently available but I was
> wondering if there was a way around it. 


  Alan DeKok.
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog

More information about the Freeradius-Users mailing list