#  -*- text -*-
#
#
#  $Id: cec810312aa5df7275a888ec93f4de174775fcfa $

#######################################################################
#
#  = NTLM Auth Module
#
#  The `ntlm_auth` module tests NTLM authentication with PAP.
#
#  If you have problems with authentication failing, even when the
#  password is good, it may be a bug in an old version of Samba:
#
#    https://bugzilla.samba.org/show_bug.cgi?id=6563
#
#  Depending on the AD / Samba configuration, you may also need to add:
#
#    --allow-mschapv2
#
#  to the list of command-line options.
#
#  For more documentation on integrating FreeRADIUS with Active Directory, please
#  see the following web page:
#
#	http://deployingradius.com/documents/configuration/active_directory.html
#

#
#  ## Configuration Settings
#
#  See the `exec` module for an explanation of the configuration options.
#
exec ntlm_auth {
	wait = yes

	#
	#  You will need to edit the path and domain to match your
	#  local system.  The other fields can be left alone.
	#
	program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN --username=%mschap(User-Name) --password=%{User-Password}"
}
