EAP-TTLS (PAP) not working with NT domain - debian freeradius 1.1.7
James McOrmond
jamesm at xandros.com
Mon Mar 24 22:45:35 CET 2008
Alan DeKok wrote:
> James McOrmond wrote:
>
>> With that, and a few configuration options (like making sure the host
>> was connected to the domain and ntlm_auth functioned as required), i've
>> managed to get PEAP and EAP-MSCHAPv2 working fine to the ntdomain.
>>
>
> The guides for *that* are online.
>
that's what made it easier :-)
>> EAP-TTLS works fine with an account in the "users" file that has a clear
>> text password, as well as a local /etc/password account. Ideally this
>> should work with the ntdomain as well.
>>
>
> Yes. You will need to configure a *separate* module to do ntlm_auth
> authentication via PAP.
>
> Something like:
>
As per previous emails, since i'm using samba/ldap i'm able to pull the
nt/lmpassword fields directly out of the ldap. Should this method
negate the use of the ntlm_auth method?
--
James A. McOrmond (jamesm at xandros.com)
Network Administrator
Xandros Corporation, Ottawa, Canada.
Morpheus: ...after a century of war I remember that which matters most:
*We are still HERE!*
More information about the Freeradius-Users
mailing list