[Samba] ntlm_auth
with freeradius doesn't work when windows is automatically
using the current username+password
Dick
dm at chello.nl
Sun Oct 2 13:37:08 GMT 2005
Hi all,
I've configured FreeRADIUS for PEAP and I'm forwarding the NTLM authentication
to our Windows Active Directory.
I'm using the following script to proxy the MSCHAPv2 NTLM credentials:
/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1 >> /tmp/log << @EOF
Username: ${1/NTDOMAIN01\\\\}
Full-Username: ${1}
LANMAN-Challenge: ${2}
NT-Response: ${3}
.
@EOF
(This doesn't work for FreeRADIUS yet, but I'm doing this for the logging data)
When I'm instructing the Windows supplicant to use the current credentials I
get the following error:
NTDOMAIN01\\eeto003 0c21e86b0baca9ea
7d7fe615f7d0d1a942e9c0ffb9a619b1be78ebf508e089d2
Authenticated: No
Authentication-Error: Wrong Password
.
When I tell windows to ask for my credentials and enter the username + password
+ domain it works:
Authenticated: Yes
.
Could someone please tell me what I might be doing wrong?
Is it 'normal' that I can't omit the Username (when the Full-Username is
supplied)?
TIA
Dick
More information about the samba
mailing list