PEAP against Samba PDC through auth_ntlm
Phil Mayers
p.mayers at imperial.ac.uk
Fri May 19 19:10:43 CEST 2006
Jérémy Cluzel wrote:
> Well, I search for "PEAP Machine Authentication", and I only found some
> of my posts concerning how to make machine auth working against a
> windows AD... nothing concerning a samba acting as PDC...
> As I said, PEAP auth (both machine and user) work against an AD, the
> problem only concerns the samba PDC.
> I found some posts where logins like "host\mahine_name" seem to be
> converted as "machine_name$" (like
> http://lists.freeradius.org/pipermail/freeradius-users/2006-March/051487.html),
> but none explains how to do this: hints file ? proxy.conf ? realms ?
> ntdomain_hack ?
CVS and 1.1.0+ versions of FreeRadius do this host\foo -> foo$
conversion for you inside the rlm_mschap module. Earlier versions will
need a hints file entry, something like:
DEFAULT User-Name =~ "^host\\\\(.*)"
User-Name = `$1$`
More information about the Freeradius-Users
mailing list