Authenticate with machine account and without ntlm_auth
Alan DeKok
aland at deployingradius.com
Tue Nov 19 14:11:11 UTC 2024
On Nov 19, 2024, at 8:47 AM, Alexey D. Filimonov <alexey at filimonic.net> wrote:
> The problem is people who use FreeRADIUS and who develop FreeRADIUS are different people. Without deep-diving to code, you can not create documentation.
Not true. There's plenty of opportunity to write "how to" examples.
Or, many people on this list are getting paid to do FreeRADIUS installs and support. Yet the number of those willing to contribute, or pay the core team to do work is pretty much zero.
> For example, calling ldap.authorize inside authenticate section - who knew it is possible this way...
https://www.freeradius.org/documentation/freeradius-server/3.2.7/unlang/keywords.html
It's documented. <sigh>
So the documentation is terrible, but pretty much every time people say this, the things they want documentation for are already documented.
> Because I'm switching to FreeRADUIS and trying to get into it. About contributing - I'm currently making an article about a way of providing EAP-TLS Wi-Fi and EAPoL for Puppet\FreeIPA\DogTag\FreeRADIUS\Linux enterprise environment to make it possible to join together all parts of this quest. I could not find any guide for that.
That's good.
> Please don't swear on me, I just notified Rodrigo that for existing windows enterprise environment there is a ready-to-use book and solution. FreeRADIUS does not have one. If I ever switch my Windows clients from NPS to FreeRADIUS, I will make an article about it.
>
> BTW, FreeRADIUS should have something like open wiki for that.
There is a wiki. We made it read-only because the only changes in the last 5-10 years were spammers.
Alan DeKok.
More information about the Freeradius-Users
mailing list