Re: ldap auth based on user acc and dialupaccess attr
On 7/11/07, Alan Walters <[EMAIL PROTECTED]> wrote: > On Tue, 2007-07-10 at 10:34 +0100, [EMAIL PROTECTED] wrote: > > >Im currently trying to setup FR to authenticate a user / machine > > >regardless of password > > .. > > >In the end I hope to have the ldap check if dialup access is allowed, > > >if it is then check if user / pass is correct via ntlm. > > > > This makes no sense. If you are going to authenticate users regardless of > > the password (based on that dialup flag), what is the point in checking > > passwords with ntlmauth (or Ldap)? > > i think the point of this is you can use the flag to disable access to > the account without changing password > yes thats what I am after, this way users can still log into the domain on a wired connection but wireless access will be controlled by the dialupAccess attribute. > if dialup access is off don't auth if it is on check password if > password is right auth > > dialup access should be TRUE or FALSE though > > > > > Ivan Kalik > > Kalik Informatika ISP > > > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ldap auth based on user acc and dialupaccess attr
On Tue, 2007-07-10 at 10:34 +0100, [EMAIL PROTECTED] wrote: > >Im currently trying to setup FR to authenticate a user / machine > >regardless of password > .. > >In the end I hope to have the ldap check if dialup access is allowed, > >if it is then check if user / pass is correct via ntlm. > > This makes no sense. If you are going to authenticate users regardless of > the password (based on that dialup flag), what is the point in checking > passwords with ntlmauth (or Ldap)? i think the point of this is you can use the flag to disable access to the account without changing password if dialup access is off don't auth if it is on check password if password is right auth dialup access should be TRUE or FALSE though > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ldap auth based on user acc and dialupaccess attr
>Im currently trying to setup FR to authenticate a user / machine >regardless of password .. >In the end I hope to have the ldap check if dialup access is allowed, >if it is then check if user / pass is correct via ntlm. This makes no sense. If you are going to authenticate users regardless of the password (based on that dialup flag), what is the point in checking passwords with ntlmauth (or Ldap)? Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: ldap auth based on user acc and dialupaccess attr
Forgot to paste the radiusd.conf url - http://pastebin.ca/611795 On 7/10/07, Jacob Jarick <[EMAIL PROTECTED]> wrote: > Hello, > Im currently trying to setup FR to authenticate a user / machine > regardless of password, provided that the account exists and that > DialupAccess = 1. Im a bit stuck atm because I do not know how to > ignore the passwd failing the ldap check. > > In the end I hope to have the ldap check if dialup access is allowed, > if it is then check if user / pass is correct via ntlm. Once I have > ldap working as I want it to then I will add ntlm auth. > > Running gentoo with 2.6.20 kernel > freeradius 1.1.6 > windows 2003 server > radiusd.conf > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ldap auth based on user acc and dialupaccess attr
Hello, Im currently trying to setup FR to authenticate a user / machine regardless of password, provided that the account exists and that DialupAccess = 1. Im a bit stuck atm because I do not know how to ignore the passwd failing the ldap check. In the end I hope to have the ldap check if dialup access is allowed, if it is then check if user / pass is correct via ntlm. Once I have ldap working as I want it to then I will add ntlm auth. Running gentoo with 2.6.20 kernel freeradius 1.1.6 windows 2003 server radiusd.conf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html