Displaying 4 results from an estimated 4 matches for "with_ntdomain_hack".
2006 Jun 12
0
Active Directory Integration with FreeRADIUS - NTLM_Auth
...le: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = yes
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
mschap: ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --domain=
%{mschap:NT-Domain} --username=%{mschap:User-Name} --challenge=
%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
Module: I...
2007 Apr 26
1
ntlm_auth to AD with only ntlmv2 enabled failing
...it up):
ntlm_auth = "/usr/bin/ntlm_auth -debug=10 --logfile=/tmp
--request-nt-key --domain=adtest
--username=%{Stripped-User-Name:-%{User-Name:-None}}
--challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
I have also tried in the radiusd.conf file
with_ntdomain_hack = no
and
with_ntdomain_hack = yes
It didn't make any difference
With the radius server in debug mode, I see the following when both ntlmv1
and ntlmv2 are enabled on the AD side(ie. a successful auth):
modcall[authorize]: module "auth_log" returns ok for request 1
rlm_mschap: Foun...
2023 Apr 03
2
Fwd: ntlm_auth and freeradius
.../ntlm_auth --allow-mschapv2 --request-nt-key \
??????????????????--domain=example \
??????????????????--require-membership-of=example\authorization_groupname \
??????????????????--username=%{mschap:User-Name}
--password=%{User-Password}"
mods-enables/mschap
mschap {
???use_mppe = yes
???with_ntdomain_hack = yes
???require_encryption = yes
???require_strong = yes
???ntlm_auth = "/usr/bin/ntlm_auth --allow-mschapv2 --request-nt-key \
????????????????--domain=example \
????????????????--require-membership-of=example\authorization_groupname \
????????????????--username=%{%{mschap:User-Name}:-...
2023 Apr 03
2
ntlm_auth and freeradius
Op 03-04-2023 om 16:05 schreef Tim ODriscoll via samba:
> Dear All,
>
> I'm trying to setup FreeRADIUS to authenticate a machine account to grant access to wifi for domain-connected machines. I think I've got the GPO's set up properly and the CA deployed to the clients, as I'm not getting any errors there.
>
> The errors I'm getting are to do with ntlm_auth not