EAP and NTLM support (fwd)

Phil Mayers p.mayers at imperial.ac.uk
Wed Nov 24 20:15:08 CET 2010

On 11/24/2010 06:10 PM, JR Mayberry wrote:
> http://technet.microsoft.com/en-us/library/dd560653(WS.10).aspx
> microsoft appears to be making steps to kill NTLM as it isn't secure

It is important to distinguish between NTLM-the-wire-protocol, and 
ntlm_auth, the Samba helper binary, which actually calls a NetLogon RPC 
function call over an schannel-protected pipe (which may for example be 
encrypted using the Kerberos trust relationship between the Samba server 
and the domain controller)

The former may (eventually) be deprecated, but 
FreeRadius/Samba/ntlm_auth don't use it.

The latter is not going anywhere, I feel sure.

More information about the Freeradius-Users mailing list