Ntlm_auth vs. Cleartext-password

Alan DeKok aland at deployingradius.com
Wed Feb 20 16:21:59 CET 2013

Óscar Remírez de Ganuza Satrústegui wrote:
> We were able to /bypass/ the ntlm_auth on some users/groups defining on
> the users file the control item "MS-CHAP-Use-NTLM-Auth := No".
> But is there a way to configure freeradius such that if
> Cleartext-Password password is available it uses it, and otherwise it
> uses ntlm_auth to authenticate?

authorize {

	if (control:Cleartext-Password) {
		update control {
			MS-CHAP-Use-NTLM-Auth := No



  Alan DeKok.

More information about the Freeradius-Users mailing list