Auth-Type LDAP and testing for if(reject)
Harry Hoffman
hhoffman at ip-solutions.net
Mon Feb 1 20:48:43 CET 2010
Hi,
So, I'm trying to get multiple sources of authentication (i.e. LDAP and
Active Directory via ntlm_auth) working from a Cisco ASA to freeradius-2.x.
The username and password come over in clear text. The Auth-Type is
being set to LDAP and works with ldap. If I switch from ldap to
ntlm_auth in Auth-Type LDAP { ... } in the authenticate section of the
default server then I can authenticate to Active Directory.
I've tried doing the following to have a "continue on fail":

    authenticate {
        ...
        Auth-Type LDAP {
            ldap
            if (reject) {
                ntlm_auth
            }
        }
    }

This doesn't work. If I give my AD credentials the authenticate rejects
on ldap and never goes to ntlm_auth.
Any ideas what I can do to get this to work?
Cheers,
Harry
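
Added example, not part of the original post: one way to express "continue on reject" in FreeRADIUS 2.x unlang, using a per-module return-code override. It assumes the module instances are named ldap and ntlm_auth as in the post, and that ldap returns reject for users who exist only in Active Directory.

```unlang
authenticate {
    # As posted: in the authenticate section the default action for a
    # "reject" return code is "return", so the section stops at ldap
    # and the if (reject) test is never evaluated.
    #
    #   Auth-Type LDAP {
    #       ldap
    #       if (reject) {
    #           ntlm_auth
    #       }
    #   }

    # Override: give "reject" from ldap a priority (1) instead of the
    # "return" action, so processing continues to the next statement.
    Auth-Type LDAP {
        ldap {
            reject = 1
        }
        # Bare-word condition: true when the previous module returned reject.
        if (reject) {
            # "ok" from ntlm_auth returns immediately with success;
            # a second reject leaves the section result as reject.
            ntlm_auth
        }
    }
}
```

Running the server with radiusd -X shows the return code of each module and which branch was taken. With this layout every password rejected by LDAP is also tried against Active Directory, so failed logins count toward the AD lockout threshold.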