multiple peap authentication source?
tbsky at annsky.us
tbsky at annsky.us
Fri Jul 22 05:54:21 CEST 2005
Hi:
thanks for ur reply.
let me describe my need and plan.
i want to use freeradius as our wireless authenticator.
client is windows xp and using wpa + eap-peap-mschapv2.
wireless AP is configure to ask freeradius server.
all employee in our company has windows domain account,
so i want freeradius to ask windows for these guys via "ntlm_auth".
guests didn't have windows domain account, so i want to create
guest account in the "users" file, since it's a plain text file, i can
easily write a web front-end to maintain that file.
if freeradius can use both "ntlm_auth" and "users" file to authticate
users, then everything is streight-forward.
maybe there are some trinks can do what i want?
thanks for ur help!!
Best Regareds,
sky_li
> tbsky at annsky.us wrote:
>> sorry i didn't clearify my question. mix the source means if
>> windows wireless client enter a peap username and password,
>> freeradius would first check windows domain via "ntlm_auth" program,
>> if that fails, check the "users" file. any of them suceess, freeradius
>> would give Access-accept.
>
> The "ntlm_auth" program runs in the "authenticate" section, and the
> "users" file runs before that, in the "authorize" section.
>
> What you want to do is impossible in the current implementation.
>
> Can you describe what you want to do, WITHOUT getting into
> implementation details? There may be other ways of acheiving your
> goal, which you're not seeing. If all you talk about is
> implementation, we have no way of helping you find those other
> solutions.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list