ntlm fall-through
Alan DeKok
aland at deployingradius.com
Tue Dec 19 20:24:55 CET 2006
Stieven.Struyf at komatsu.eu wrote:
>
> All,
> Does anyone know how i can configure ntlm fall-through, eg. try to
> authenticate the user local (via password entry in users file)
No, the "users" file doesn't authenticate anyone. It just adds a
"known good" password to the request. Some other module takes care of
authenticating the user.
> and if
> the user isn't found use ntlm-auth(or first ntlm and afterwards userfile
> is also ok)?
> If i comment out the ntlm-auth line in the mschap section of
> radiusd.conf the user is authenticate local.
See doc/configurable_failover. You should be able to add a statement
to the "authenticate" section saying "try FOO, and if that fails, try BAR".
This is really not a recommended configuration, however. It is
difficult to make it work well.
Perhaps you could say *why* you need this, rather than asking how to
implement a particular solution.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list