AW: Feeding an LDAP replyItem to an MS-CHAPv2 ntlm_auth request
Alan DeKok
aland at deployingradius.com
Thu Jan 18 15:46:55 CET 2007
Haas Florian wrote:
> So, to clarify my original question. What I want is this:
>
> 1. Put the value of an LDAP attribute (sAMAccountName) into a variable when the
> user is authorized in LDAP.
> 2. Access that variable when the user is being authenticated via MS-CHAPv2, and
> put it into the --username argument of ntlm_auth.
>
> I do understand that this would require registering said variable in dictionary
> and ldap.attrmap. I also understand that I need to set up a proper filter in the
> configuration of the ldap module, for correct authorization of the "user" that's
> being identified by it servicePrincipalName in this case. I have done all that.
> What else would I need, if what I'm trying to do is at all possible?
It sounds like that should work.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list