Using AD and SQL to authenticate Wi-Fi users
Bruno de Paula Larini
bruno.larini at riosoft.com.br
Thu Jun 18 19:34:55 CEST 2015
Hi guys,
I've been using FR (3.0.4) to authenticate Wi-Fi users against Active
Directory and it is working fine. But now I need to check users in SQL
database too, like this:
SSID1 -> check for users in AD
SSID2 -> check for users in SQL database
I've managed to get it working, but only if the other authentication
method is disabled. Only one would work at a time.
To get SQL working, I've either commented the ntlm_auth from
mods-enabled/mschap or added the following to the authorize section in
sites-enabled/inner-tunnel:
...
update control {
MS-CHAP-Use-NTLM-Auth := No
}
mschap
...
Removing the above and/or uncommenting the ntlm_auth line, users from AD
are authenticated successfully but SQL users are not.
I wanted to use unlang to check if the request came from a specific
Called-Station-Id, but the inner-tunnel doesn't bring this information
and always return false.
Is there some check I can use to know where the request came from?
Thank you!
More information about the Freeradius-Users
mailing list