PAP against winbind
mcn4 at leicester.ac.uk
Wed Jun 1 00:02:44 CEST 2016
Have done a bit of work on rlm_pap and added the ability to pass
the username/password through to AD via winbind, complementing the
code in rlm_mschap and replacing the need for mods-available/ntlm_auth.
This should mostly help people permitting EAP-TTLS/PAP as one of
their available methods, as another call out to ntlm_auth can be
avoided, and it's convenient to use the same setup as rlm_mschap
rather than e.g. having to configure ldap as well.
rlm_mschap isn't the best place for this, and it doesn't seem
entirely fitting with rlm_pap either, so if anyone's got
suggestions for a better place for it then shout...
So, only password changes to go, then ntlm_auth can be done away
with entirely :-)
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Devel