Backend Retry option
Alan DeKok
aland at ox.org
Mon Mar 20 18:26:19 CET 2006
"Craig T. Hancock" <chancock at nd.edu> wrote:
> My specific concern is that in order to do PEAP authentication(which is
> outside freeradiuses control) the ntlm_auth executable looks at smb.conf
> file to tell it where to send passwords using the smb.conf file
> "password server" option which only allows for one server name.
Ah. That's a limitation in Samba, not in FreeRADIUS. FreeRADIUS
*does* support multiple LDAP and/or SQL backends.
> Maybe this is inappropriate and I apologize, but correct me if i'm
> wrong when specifying the backend store in freeradius it only takes
> one server backend not multiple. So even if I were to spread the Radius
> load to multiple servers I still only have the option of one server
> per backend so I don't see how that address my overall issue?
For ntlm_auth, yes, because the server isn't treating it as a
backend data store.
I'd love to get a stand-alone module that can authenticate to AD
like Samba does. That would allow you to do what you want.
Alan DeKok.
More information about the Freeradius-Users
mailing list