EAP with FreeRadius and Azure Active Directory
S.P.Armitage at lboro.ac.uk
Fri Sep 2 09:06:22 CEST 2016
> On 1 Sep 2016, at 23:09, Graeme Gellatly <graemeg at roof.co.nz> wrote:
> Thanks Alan,
> That guide is for Active Directory, not Azure Active Directory which is very different. I was actually reading it when your mail came in. The auth workflow is oauth2 based for Azure, no NTLM.
> Guess I'll need to experiment with the new Domain Services feature of Azure and a VPN. There are reports of it working with other radius servers. Bit that sucks is I already had samba authenticating using oauth.
I haven’t used Azure but a quick google suggests RADIUS Authentication and Azure Multi-Factor Authentication Server. This seems to suggest you proxy the inner tunnel (MSCHAPv2) to the Azure MFA server. Doesn’t seem very secure to me proxying MSCHAPv2 across the Internet.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 204 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Freeradius-Users