Another LDAP/MSCHAPv2 problem

Phil Mayers p.mayers at imperial.ac.uk
Sat Feb 11 11:27:25 CET 2012


On 02/10/2012 05:46 PM, Alan Buxey wrote:
> Hmmm.
>
> Don't update user-name. Set or update stripped-user-name instead and use
> that in the mschap auth

The mschap module doesn't honour Stripped-User-Name anywhere. The only 
place it would work would be in the ntlm_auth command line xlat, and 
he's not using that - he's running Samba as a domain controller w/ LDAP 
backend, and trying to auth against the password hashes in LDAP directly.



More information about the Freeradius-Users mailing list