ntlm_auth fails for none domain

John elmer_radius at yahoo.com.cn
Mon Jul 5 09:17:07 CEST 2010 

Yes. I did not supply the domain into in the usename.  
But "xjtu" is our  default domain, I set it in mschap ntlm_auth parameters. If I use old freeRADIUS-1.1.6, mschap module will supply "xjtu" as domain if no domain info in username. 
 
--domain=%{mschap:NT-Domain:-xjtu} 
 

--- 10年7月2日,周五, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> 写道:


发件人: Alan Buxey <A.L.M.Buxey at lboro.ac.uk>
主题: Re: ntlm_auth fails for none domain
收件人: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
日期: 2010年7月2日,周五,下午4:17


Hi,
> Hi,
> It is the whole debug info. I think the problem is we could not get the default domain name "xjtu".

thats not the whole debug either...never mind.
 
[John] Sorry. I did not attach the debug for freeRADIUS init.


from what I can see.....

> Listening on authentication address * port 1812
> Listening on command file /usr/local/var/run/radiusd/radiusd.sock
> Listening on proxy address * port 1814
> Ready to process requests.
> rad_recv: Access-Request packet from host 10.155.20.85 port 32807, id=118, length=125
>  Service-Type = Authorize-Only
>  NAS-Port-Type = Wireless-802.11
>  User-Name = "hhe"
^^^^^^^^^^^^^^^^^^^

you are not sending any doamin in the login at all - so how the ***** can FR know to do things for you?
the domain needs to be sent in the login 

> [mschap]  expand: --domain=%{mschap:NT-Domain:-xjtu} -> --domain=

see, you say, use the value supplied via mschap, or use xjtu.  mschap supplied a blank, so you
use a blank.
 
[John]  Yes. I did not supply the domain into in the usename.  
         But "xjtu" is our  default domain, I set it in mschap ntlm_auth parameters. 
         If I use old freeRADIUS-1.1.6, mschap module will supply "xjtu" as domain if no domain info in username. 


alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100705/8da3651d/attachment.html>

More information about the Freeradius-Users mailing list