rlm_exec with ntlm_auth broken in 3.0.2+git??
peter.geiser at id.unibe.ch
peter.geiser at id.unibe.ch
Mon Feb 10 09:31:06 CET 2014
Is ntlm_auth with clear text password broken in FR 3.0.2+git?
Modul Config:
#
exec ntlm_auth {
wait = yes
program = "/usr/bin/ntlm_auth --request-nt-key --domain=DOMAIN
--username=%{mschap:User-Name} --password=%{User-Password}"
}
Debug output:
Found Auth-Type = ntlm_auth
(0) # Executing group from file /etc/freeradius/sites-enabled/ntlm
(0) Auth-Type ntlm_auth {
(0) ntlm_auth : Executing: /usr/bin/ntlm_auth --request-nt-key
‹domain=DOMAIN --username=%{mschap:User-Name} --password=%{User-Password}
(0) ntlm_auth : expand: "--username=%{mschap:User-Name}" ->
'--username=testuser'
(0) ntlm_auth : expand: "--password=%{User-Password}" ->
'--password=TEST1234'
(0) ERROR: ntlm_auth : Failed parsing output from: /usr/bin/ntlm_auth
--request-nt-key ‹domain=DOMAIN --username=%{mschap:User-Name}
--password=%{User-Password}: Expecting operator
(0) ERROR: ntlm_auth : Program returned code (0) and output 'NT_STATUS_OK:
Success (0x0)'
(0) [ntlm_auth] = fail
(0) } # Auth-Type ntlm_auth = fail
(0) Failed to authenticate the user.
Authentication seems to be ok but FR can¹t parse the return values.
Thanks for any Feedback.
- Peter
More information about the Freeradius-Users
mailing list