[Samba] ntlm_auth with freeradius doesn't work when windows is automatically using the current username+password

Dick dm at chello.nl
Sun Oct 2 13:37:08 GMT 2005

Hi all,

I've configured FreeRADIUS for PEAP and I'm forwarding the NTLM authentication
to our Windows Active Directory.
I'm using the following script to proxy the MSCHAPv2 NTLM credentials:
/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1 >> /tmp/log << @EOF
Username: ${1/NTDOMAIN01\\\\}
Full-Username: ${1}
LANMAN-Challenge: ${2}
NT-Response: ${3}

(This doesn't work for FreeRADIUS yet, but I'm doing this for the logging data)

When I'm instructing the Windows supplicant to use the current credentials I 
get the following error:
NTDOMAIN01\\eeto003 0c21e86b0baca9ea
Authenticated: No
Authentication-Error: Wrong Password

When I tell windows to ask for my credentials and enter the username + password
+ domain it works:
Authenticated: Yes

Could someone please tell me what I might be doing wrong?

Is it 'normal' that I can't omit the Username (when the Full-Username is 


More information about the samba mailing list