Freeradius PEAP/MSCHAPv2 against Apple OpenDirectory
Moritz Dereschkewitz
moenster at hotmail.de
Sat Feb 13 08:44:23 CET 2010
Am 13.02.2010 08:21, schrieb Alan DeKok:
> Moe D. wrote:
>
>> I got a machine up and running Freeradius 2.1.0 with SSL support to
>> secure a Wireless LAN. In our school’s network we (have to) use an Apple
>> Mac OS X 10.4 Server with Samba as the PDC. Samba stores the user
>> information using the OpenDirectory on the same server – using the NTLM
>> password hashes… so far, there should be no problem for Freeradius using
>> LDAP to connect to the OD an retrieve the NTLM hash to authenticate the
>> wireless clients.
>>
> Use the "mschap" module. Apple has contributed code to make
> FreeRADIUS work with Open Directory.
>
> Edit the "mschap" configuration, and add:
>
> use_open_directory = yes
>
> That's it.
>
> You may need to use a more recent version of FreeRADIUS. I suggest 2.1.8.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
Wow, that sounds great. I haven't read about the use_open_directory
option yet. Do I have to configure the mschap-module to connect to the
OD, since Freeradius is not running on the Apple server? E.g. specify
the server adress? Or does it find the server automatically?
Thanks four your help so far, Alan!
moenster
More information about the Freeradius-Users
mailing list