Freeradius-Users Digest, Vol 134, Issue 11

A.L.M.Buxey at A.L.M.Buxey at
Mon Jun 6 23:29:25 CEST 2016


> The ntlm_auth command will not authenticate against alternate active directory UPN You must use the original active directory domain name.  

then dont use the domain - just use the stripped name with ntlm_auth  (so ensure the realm is valid for strip in proxy.conf) and/or
use the mschap:User-Name  - alternatively, add a local dictionary attribute, assign the current %{relam{ to it and use that
on the ntlm_auth line with --domain instead.


More information about the Freeradius-Users mailing list