Haas Florian wrote:
So, to clarify my original question. What I want is this:
1. Put the value of an LDAP attribute (sAMAccountName) into a variable when the user is authorized in LDAP. 2. Access that variable when the user is being authenticated via MS-CHAPv2, and put it into the --username argument of ntlm_auth.
I do understand that this would require registering said variable in dictionary and ldap.attrmap. I also understand that I need to set up a proper filter in the configuration of the ldap module, for correct authorization of the "user" that's being identified by it servicePrincipalName in this case. I have done all that. What else would I need, if what I'm trying to do is at all possible?
It sounds like that should work. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog