tbsky@annsky.us wrote:
sorry i didn't clearify my question. mix the source means if windows wireless client enter a peap username and password, freeradius would first check windows domain via "ntlm_auth" program, if that fails, check the "users" file. any of them suceess, freeradius would give Access-accept.
The "ntlm_auth" program runs in the "authenticate" section, and the "users" file runs before that, in the "authorize" section. What you want to do is impossible in the current implementation. Can you describe what you want to do, WITHOUT getting into implementation details? There may be other ways of acheiving your goal, which you're not seeing. If all you talk about is implementation, we have no way of helping you find those other solutions. Alan DeKok.