Different Auth Methods based on client entries with ntlm_auth

O'Neil, Donald A. DONALD.A.O'NEIL at saic.com
Thu May 26 21:18:52 CEST 2011


Is there any way to perform a different authentication method based on the
specific client entry (or group of entries) using the ntlm_auth method?

We're implementing the ntlm_auth interface to AD, and need to specify the
group to authenticate against differently for different classes of
machines/devices. I've followed the instructions on
http://deployingradius.com/documents/configuration/active_directory.html and
it works great for one group when I add the option
--require-membership-of=SomeGroup but I need a way to figure out how to
specify that group name, perhaps based on the nastype, or some other
variable I can set in the client configuration.

Any ideas?


Don O'Neil
Senior Network Engineer
SAIC - CCSD Network Operations
(702) 351-7261 cell
(702) 799-6174 fax
0099-5941 wan
oneilda at saic.com






More information about the Freeradius-Users mailing list