PEAP authentication + LDAP attribute recovery

Kostas Kalevras kkalev at noc.ntua.gr
Mon May 14 10:10:12 CEST 2007


O/H Manuel Sánchez Cuenca έγραψε:
> Hi all,
>
> It is possible to configure freeradius to authenticate users using PEAP
> and then, for authenticated users, return some RADIUS attributes
> recovered from a LDAP server, such as Session-Timeout or
> Framed-IP-Address?. And in that case, how can I configure it?
>
> Thanks in adavance
>
>   
Yes. PEAP has specific restrictions on the password though (it should be 
clear text or NT-Password). rlm_ldap (in the authorize section) will 
retrieve any radius attributes present in the user entries (as well as 
in some other profiles). Check the doc folder for the rlm_ldap 
documentation and for the radius ldap schema.

-- 
Kostas Kalevras - Network Operations Center
National Technical University of Athens
http://kkalev.wordpress.com




More information about the Freeradius-Users mailing list