freeradius with ntlm-auth and server2012

Arran Cudbard-Bell a.cudbardb at freeradius.org
Thu Jan 9 10:48:39 CET 2014


On 9 Jan 2014, at 08:39, Carsten Czerner <carsten.czerner at leuphana.de> wrote:

> Hi,
> 
> I tried to setup a radius server with ntlm_auth but it didn't work. I used this howto for the basic setup:
> 
> http://wiki.freeradius.org/guide/FreeRADIUS-Active-Directory-Integration-HOWTO
> 
> And I made some progress:
> 
> - The ntlm_auth returned "ok"
> - The radius_server accepted the pap-auth from the user-file

authorize {
	if (User-Password) {
		update control {
			Auth-Type := ntlm_auth
		}
	}
}

authenticate {
	Auth-Type ntlm_auth {
		ntlm_auth
	}
}

ntlm_auth should be called in authenticate, the decision to call it should be made in authorize.

the return code in the authenticate section is what determines whether the user will receive
an Access-Accepr or Access-Reject.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140109/cda3cd5b/attachment.pgp>


More information about the Freeradius-Users mailing list