The Samba-Bugzilla – Bug 12252
[PATCH] "ntlm_auth --enable-mschapv2" is broken
Last modified: 2016-09-10 22:44:50 UTC
Created attachment 12456 [details]
As mentioned in the release notes, Samba 4.5.0 disables 'ntlm auth' by default, which breaks MSCHAPv2 auth. I was looking for a way to fix MSCHAPv2 without having to globally re-enable NTLMv1.
Commit 0b500d413c5b76188c0c566318be7079b777237c adds `ntlm_auth --allow-mschapv2` for client-side support for MSV1_0_ALLOW_MSVCHAPV2, but doesn't implement the server side. (It seems this was mainly for authenticating against real Windows servers?)
Attached is my first (working) attempt to implement handling of this flag.