MSCHAP authentication against Active directory OR MySQL

Krzysztof Grobelak kgrobelak at airspeed.ie
Thu Jun 12 15:49:12 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello All,

On my freeRADIUS instance i am able to authenticate MSCHAP requests
against Active Directory using the ntlm_auth module and Samba
aditionally i can authenticate another group of WiMAX devices with
MACHAP against MySQL database. But if I enable the config for WiMAX
devices the are being authenticated aginst Active Directory and not
the MySQL db. Now I would like to be able to configure the server so
that both groups can be authenticated local users against Active
Directory and the WiMAX devices against database.

Can you guys advice how i can make it happen? I suspect unlang will be
needed to do this but if you could specify how exactly it would be
awesome.

would it be something along those lines??

authorise{
	mschap{
		if("%{NAS-IP-Address}" == "1.1.1.1"){
			sql
		}
		else{
			ntlm_auth
		}
	}
}

I hope I did not mixed up terminology too much ;)

Regards,
Krzysztof
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTma/YAAoJEM/U1HoKR/xkaq0IAJOcPRpsH61wh8sVHrafl0da
mCVYN/T94FRSVsOgRtpCpz3zKtfiorla2bL06RN+EQhPxtyist8dX1xNyUnzETaR
QcY+/OCDHtVtWX4GGiOMP75DaUNDOj76NtAGLZOe+48Jtjvv3aoSCO4MZgUhbIbN
wY4vKxeuA5PJ0SVQD1D8rWIKxxZNwLj24gCowpAA9TJsS1qpqZfLMwYd+uu/vo1O
1ztX7rhkzFdNAn8fJkIpHQLPad0PcAohHevbwIzgivHBtM2euYHvgjFY7yQurSXh
G0WuoeWSri3oc3QriTiMc+wIQb1QTSvyTzZwjXhcdB3D0NGJKe3MIPJfCQDIk80=
=Fhp6
-----END PGP SIGNATURE-----



Airspeed Telecom


More information about the Freeradius-Users mailing list