Willem Eradus <[EMAIL PROTECTED]> wrote:
>
> On Wed, 30 Mar 2005 06:50:37 -0500 (EST), Jim Seymour
> <[EMAIL PROTECTED]> wrote:
> >
[snip]
> >
> > One thing I notice is the client PC sending WINNAME\username, instead
> > of just username, if I tell it to use the Windows login info.
> >
> > > [At least I think so; someone please correct me if I'm wrong]
>
> I get [WI-1\\Willem Eradus/<no User-Password attribute>]
>
> # Windows sends us a username in the form of
> # DOMAIN\user, but sends the challenge response
> # based on only the user portion. This hack
> # corrects for that incorrect behavior.
> #
> #with_ntdomain_hack = no
I tried that. Made no discernable difference.
Note, further down, in "preprocess," this:
# Windows NT machines often authenticate themselves as
# NT_DOMAIN\username
#
# If this is set to 'yes', then the NT_DOMAIN portion
# of the user-name is silently discarded.
#
# This configuration entry SHOULD NOT be used.
# See the "realms" module for a better way to handle
# NT domains.
with_ntdomain_hack = no
I'm not at all clear on "realms" or what I should be doing in that
respect, if anything.
>
> I believe the above should take care of the "domain" part, and some
> other attribute may hold a hash with the password. Did you try with -X
> enabled to see what attributes are being provided?
I've been running it in the foreground with -X. That *is* what the
install docs say to do for testing, after all, and I do RTFM. Well...
usually. I'm not yet grokking much of what I'm seeing.
I'll keep plugging away. Hopefully, sooner-or-later, either I'll trip
across the solution or somebody here will mention it.
Thanks for the follow-up.
Jim
--
Note: My mail server employs *very* aggressive anti-spam
filtering. If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.linxnet.com/scform.php>.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
