Date: Tue, 27 Nov 2012 11:48:58 -0500 From: aland@deployingradius.com To: freeradius-users@lists.freeradius.org Subject: Re: matching entry in users file
vazoumana fofana wrote:
i ve got question about authentication : i want to set in users file, a user who can be authenticated by two ways : EAP-TLS (certificate) and EAP-TTLSP, PAP (login password).
EAP-TLS doesn't really use the "users" file. i wanted to say if a user is not on users file, it can't be authenticated with any protocole (EAP-TLS and others)
For a same and unique login, can i do this ? Or freeradius just check the first entry wich corresponds ?
FreeRADIUS authenticates the user with the information it has.
If the user has a valid certificate, he's authenticated.
If the user has a valid password, he's authenticated. I try to do this :
napoleon SMD5-Password :="yyyyyyyyyyyyyyy" napoleon : NT-Password := "xxxxxxxxxxxxxx" When i try to authenticate with nt-password, it fails. But when i delete SMD5 entry, it works. In twice, freeradius has the right information.
This is the same as a user trying PAP, CHAP, or MS-CHAP. They all work. They can all be used by the same user.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html