MSCHAP Combining AD Authentication with External Script
aland at deployingradius.com
Mon May 3 14:45:45 CEST 2021
On May 3, 2021, at 2:30 AM, Vertigo Altair <vertigo.altair at gmail.com> wrote:
> I want to combine AD Authentication with my external script. I know it's
> not recommended to use an external script but I have to use that..
> In my external script, basically I'm providing the cleartext-password to
> FreeRADIUS if the username is correct.
> I'm trying to working with two scenarios;
> 1. Try to authenticate first using the external script, if this script
> returns reject, this time try with authentication with the AD.
That's likely to work.
> 2. Try to authenticate first using the AD server, if the AD server returns
> reject, this time try with the external script.
That will probably not work. There are a host of technical reasons, but I don't think details matter here.
More information about the Freeradius-Users