PEAP authentication + LDAP attribute recovery
Kostas Kalevras
kkalev at noc.ntua.gr
Mon May 14 10:10:12 CEST 2007
O/H Manuel Sánchez Cuenca έγραψε:
> Hi all,
>
> It is possible to configure freeradius to authenticate users using PEAP
> and then, for authenticated users, return some RADIUS attributes
> recovered from a LDAP server, such as Session-Timeout or
> Framed-IP-Address?. And in that case, how can I configure it?
>
> Thanks in adavance
>
>
Yes. PEAP has specific restrictions on the password though (it should be
clear text or NT-Password). rlm_ldap (in the authorize section) will
retrieve any radius attributes present in the user entries (as well as
in some other profiles). Check the doc folder for the rlm_ldap
documentation and for the radius ldap schema.
--
Kostas Kalevras - Network Operations Center
National Technical University of Athens
http://kkalev.wordpress.com
More information about the Freeradius-Users
mailing list