Authorize with SQL and not authenticate
Alan DeKok
aland at deployingradius.com
Wed Jul 4 17:47:53 CEST 2018
On Jul 4, 2018, at 11:45 AM, Tom Yard <tomyyard at gmail.com> wrote:
>
> I've just have a default file with a LDAP + SQL queries for user
> authorization, and NTLM for user authentication.
>
> Also I want to just authorize hosts sending its MAC Addresses as its
> usernames according to a SQL query matching a Mac Address table, but I
> don't want to authenticate them because the Active Directory doesn't
> contain MAC Addresses as usernames.
Sure. But only if the user is doing PAP. It won't work for MS-CHAP, because each end authenticates the other. And both ends need the password.
> Is it possible just authorize with Freeradius and so let hosts to access
> the LAN network ?
Yes.
The question then is, what do MAC auth packets look like?
Alan DeKok.
More information about the Freeradius-Users
mailing list