Freeradius a openldap password policy
Angel L. Mateo
amateo at um.es
Thu Mar 12 09:58:36 CET 2015
Hello,
I am developing a freeradius3 server for eduroam authentication. My
users are in a openldap directory where I have ppolicy to ensure that
users change their password.
When authenticating from radius, I can use ldap as an authenticate
module, so it does a ldap bind as the user trying to connect and
password policy is handle correctly.
My problem is with EAP-PEAP using MSCHAP authentication. Is this
scenario, I can't use ldap to authenticate, only as authorize module
retrieving nt and lm passwords. So, is there any way to check that the
password used is not expired?
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868887590
Fax: 868888337
More information about the Freeradius-Users
mailing list