winbind / ntlm_auth funny
Matthew Newton
mcn at freeradius.org
Thu Jan 18 11:52:38 CET 2018
On Thu, 2018-01-18 at 10:47 +0000, Alex Sharaz via Freeradius-Users
wrote:
> I've been using winbindd for a long time to authenticate york users
> .. and it "just works"
Good to know.
> with
>
> winbind_username = "%{Stripped-User-Name}"
> winbind_domain = "HYMS.AC.UK"
>
> plus a few other bits to get inner-tunnel to call mschap_hyms as
> appropriate
OK.
> ntlm_auth --username=eduroamtest2 --domain=HYMS.AC.UK
>
> and get the same no such user message
>
> However, try
> ntlm_auth --username=\eduroamtest2 --domain=HYMS.AC.UK
>
> and get a success after entering a password.
That's... weird.
> Thought I'd go back to using ntlm_auth in my FR config for HYMS
> So how do I prefix Stripped-user-name wtih a "\" in inner-tunnel ?
Use
winbind_username = "\\%{Stripped-User-Name}"
?
--
Matthew
More information about the Freeradius-Users
mailing list