Choosing backend by realm
hi, I would like to use two sources of useres for EAP-PEAP authentication, "DOAMIN\user" and "user" should be authenticated ny ntlm_auth, "user@ldapserver" shopuld use LDAP attribute ntPassword from my ldap server. Is someone running such a configuration and could provide me with a hint or a sample ? I have tried using realms and proxing to virtaul server, but this does not seam to work. I have a virtual server server virtual.example.com { $INCLUDE ${confdir}/sites-available/default } realm "ldapserver" { } Works realm "ldapserver" { virtual_server = virtual.example.com } Does not. What am i doing wrong ? Thanks for your help in advance, Manon Manon Goo Dembach Goo Informatik GmbH & Co KG Untersachsenhausen 33 D-50667 Köln Tel: +49 221 801483 0 Mobil: +49 177 8091974 Fax: +49 221 801483 20 Email: manon@dg-i.net Emergency: +49 180 555 4992 Amtsgericht Köln HRA 22794, UST ID: DE242 159 527 Geschäftsführer: Manon Goo, Andreas Dembach Haftende Gesellschafterin: Dembach Goo Verwaltungs GmbH
Manon lists wrote:
I would like to use two sources of useres for EAP-PEAP authentication, "DOAMIN\user" and "user" should be authenticated ny ntlm_auth, "user@ldapserver" shopuld use LDAP attribute ntPassword from my ldap server.
Configure that policy in raddb/sites-available/inner-tunnel. Use "unlang" to do those comparisons, and to run ntlm_auth, or ldap.
realm "ldapserver" { virtual_server = virtual.example.com }
Does not.
That is only for internal proxying. And see the FAQ for "it doesn't work". Alan DeKok.
participants (2)
-
Alan DeKok -
Manon lists