Using AD and SQL to authenticate Wi-Fi users

Andrés Gómez andres.gomez.ruiz at gmail.com
Fri Jun 26 22:09:55 CEST 2015


Hi Bruno.

Can you help me with the configuation to Active Directory to authenticate
WiFi users? is it different to this guide?  http://wiki.freeradius
.org/guide/FreeRADIUS-Active-Directory-Integration-HOWTO

Regards.

2015-06-18 12:34 GMT-05:00 Bruno de Paula Larini <
bruno.larini at riosoft.com.br>:

> Hi guys,
> I've been using FR (3.0.4) to authenticate Wi-Fi users against Active
> Directory and it is working fine. But now I need to check users in SQL
> database too, like this:
>
>     SSID1 -> check for users in AD
>     SSID2 -> check for users in SQL database
>
> I've managed to get it working, but only if the other authentication
> method is disabled. Only one would work at a time.
> To get SQL working, I've either commented the ntlm_auth from
> mods-enabled/mschap or added the following to the authorize section in
> sites-enabled/inner-tunnel:
>
> ...
> update control {
>         MS-CHAP-Use-NTLM-Auth := No
> }
> mschap
> ...
>
> Removing the above and/or uncommenting the ntlm_auth line, users from AD
> are authenticated successfully but SQL users are not.
>
> I wanted to use unlang to check if the request came from a specific
> Called-Station-Id, but the inner-tunnel doesn't bring this information and
> always return false.
>
> Is there some check I can use to know where the request came from?
>
> Thank you!
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html




-- 
*C. Andrés Gómez R.*


More information about the Freeradius-Users mailing list