EAP and System users?
Matt Ashfield
mda at unb.ca
Fri Mar 9 16:28:59 CET 2007
I guess what I meant was that we'd want to authenticate the user in one of
two ways:
(1) as a System User. So the clients credentials would be compared against
the system users,
OR, if no such user exists
(2) verify the client against credentials stored in LDAP.
Both of these scenarios work individually. Meaning I can configure FR to
authenticate System users. I can also configure FR to authenticate against
LDAP. But we cannot seem to combine them and offer both options.
Matt
mda at unb.ca
-----Original Message-----
From: Alan DeKok [mailto:aland at deployingradius.com]
Sent: March 9, 2007 11:21 AM
To: mda at unb.ca; FreeRadius users mailing list
Subject: Re: EAP and System users?
Matt Ashfield wrote:
>
> We've been working on having a setup that can authenticate users against
> LDAP via EAP (Chap) as well as System users.
http://deployingradius.com/documents/protocols/compatibility.html
LDAP doesn't do CHAP, so I'm not sure what you mean.
The only EAP methods that are compatible with /etc/password is
EAP-GTC, or TTLS with tunneled PAP.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list