Ok I will try that out, ntlm_auth module is already configured and works for radtest and wifi.<div>So ntlm_auth with captive portal , is that the way to go , as told by you ? All other captive portal portal server we have to do like that ? </div>
<div><br><br><div class="gmail_quote">On Fri, Apr 19, 2013 at 9:56 PM, Matthew Newton <span dir="ltr"><<a href="mailto:mcn4@leicester.ac.uk" target="_blank">mcn4@leicester.ac.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On Fri, Apr 19, 2013 at 08:59:57PM +0530, Chitrang Srivastava wrote:<br>
> I am using Microsoft 2003 Active Directory Server , the way wifi (MSCHAPv2)<br>
> works is with ntlm_auth , which does the authentication.<br>
<br>
</div>OK, finally the information that's needed.<br>
<div class="im"><br>
> The way it works with wifi or radtest is , Auth-Type is set to EAP (it<br>
> refers to eap.conf ) , it goes to mschap modules(set up TLS channel and<br>
> then under that) , from there its told to use external program ntlm_auth ,<br>
> which does the authentication and tells radius if its OK or not.<br>
><br>
> What i was trying , is to get similar way working with captive portal as<br>
> well.<br>
<br>
</div>There's an example in raddb/modules/ntlm_auth. Configure that<br>
file, and then do something like this:<br>
<br>
authorize {<br>
...<br>
<div class="im"> if (!EAP-Message && User-Password) {<br>
update control {<br>
</div> Auth-Type = PAP<br>
}<br>
}<br>
}<br>
<br>
authenticate {<br>
Auth-Type PAP {<br>
# pap <-- comment out<br>
ntlm_auth<br>
}<br>
}<br>
<br>
Then it should take your User-Name and User-Password, check them<br>
using the ntlm_auth utility rather than the pap module (the<br>
ntlm_auth "module" is just an instantiation of exec).<br>
<div class="HOEnZb"><div class="h5"><br>
Matthew<br>
<br>
<br>
<br>
--<br>
Matthew Newton, Ph.D. <<a href="mailto:mcn4@le.ac.uk">mcn4@le.ac.uk</a>><br>
<br>
Systems Specialist, Infrastructure Services,<br>
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom<br>
<br>
For IT help contact helpdesk extn. 2253, <<a href="mailto:ithelp@le.ac.uk">ithelp@le.ac.uk</a>><br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</div></div></blockquote></div><br></div>