Logging ntlm authentication
Garber, Neal
Neal.Garber at iberdrolausa.com
Thu Nov 11 04:04:10 CET 2010
> Could you please summarize what you did to log the output from
> ntlm_auth and MS_CHAP-Error?
Sure. I should mention that other options are available now that didn't exist when I created the solution below...
I have a PERL script that runs during authorize that obtains user/group or machine/container permissions for the NAS in question from XML files to determine whether the entity is authorized and it creates a Log-Data reply attribute containing all non-sensitive request attributes. This is then written to syslog during post-auth by another PERL script.
Our help desk and others use a .Net application that I wrote to display/filter the data from the current or past log files in a grid control. The log contains specifics of the request, authorization and authentication results/messages and reply attributes.
Does that answer your question?
More information about the Freeradius-Users
mailing list