Gary Gatten wrote:
I'm assuming I can do roughly the same thing with NTLM_AUTH? I have
to use NTLM_Auth for 8021x (right? - at least all docs say this),
No, they don't.
They say that you need to use ntlm_auth for authentication in
*certain* cases, when the user database is Active
[mailto:freeradius-users-bounces+ggatten=waddell@lists.freeradius.or
g] On Behalf Of Jason Alderfer
Sent: Tuesday, August 18, 2009 2:18 PM
To: FreeRadius users mailing list
Subject: Re: Dynamic VLAN attribute in LDAP or AD?
So, I'm trying to use 802.1x dynamic VLAN assignment. I have
10:34 AM
To: 'FreeRadius users mailing list'
Cc: 'Jason Alderfer'
Subject: RE: Dynamic VLAN attribute in LDAP or AD?
I'm assuming I can do roughly the same thing with NTLM_AUTH? I have
to use NTLM_Auth for 8021x (right? - at least all docs say this), so if
I don't HAVE to use LDAP all the better
depending on
the correctness of a password. This is an authorization question - what
kind of access will the authenticated user be given?
-Original Message-
From: Jason Alderfer [mailto:j...@emu.edu]
Sent: Monday, August 24, 2009 2:10 PM
To: Gary Gatten
Subject: RE: Dynamic VLAN
Message -
From: freeradius-users-bounces+ggatten=waddell@lists.freeradius.org
freeradius-users-bounces+ggatten=waddell@lists.freeradius.org
To: freeradius-users@lists.freeradius.org
freeradius-users@lists.freeradius.org
Sent: Mon Aug 24 15:48:40 2009
Subject: RE: Dynamic VLAN attribute
So, by looking at this more carefully I'll have to do a bunch of
if/else's or cases? What if for instance I have 500 departments/groups
- 500 different vlans? I'll have to test each one?
I guess what I was hoping to do was something like:
Get attribute n for user y (where n = a value used
Agreed. I didn't know if I could do some group checking with ntlm_auth,
more accurately get a list of groups a user belongs to? If I used FQDN I
could prolly parse out the info I need from the user name as well:
gary.neteng.waddell Ill try LDAP - good learning experience!
No need. AD is
So, I'm trying to use 802.1x dynamic VLAN assignment. I have this
working when I conf the users file. However, I don't want to
create/maintain the users file for 2,000 users!
Is there an attribute in AD / LDAP I can use for the dynamic VLAN?
Ideally I could do this at the Group level,
@lists.freeradius.org
[mailto:freeradius-users-bounces+ggatten=waddell@lists.freeradius.or
g] On Behalf Of Jason Alderfer
Sent: Tuesday, August 18, 2009 2:18 PM
To: FreeRadius users mailing list
Subject: Re: Dynamic VLAN attribute in LDAP or AD?
So, I'm trying to use 802.1x dynamic VLAN assignment
Where coudl I put this code Authorize, autenticate, postatuh, ldap module?
2009/8/18 Jason Alderfer j...@emu.edu:
So, I'm trying to use 802.1x dynamic VLAN assignment. I have this
working when I conf the users file. However, I don't want to
create/maintain the users file for 2,000 users!
Where coudl I put this code Authorize, autenticate, postatuh, ldap module?
Authorize
So, I'm trying to use 802.1x dynamic VLAN assignment. I have this
working when I conf the users file. However, I don't want to
create/maintain the users file for 2,000 users!
Is there an attribute in
Gary Gatten wrote:
Dude, if it's this easy that would be SWEET! The How To's for TLS/PEAP
are a little outdated so I'm working on getting the CA working now
(CA.all doesn't exist anymore.)
See my message to the list of an hour or two ago. In v2, you have to
do almost *nothing* to get PEAP
Hi,
Where coudl I put this code Authorize, autenticate, postatuh, ldap module?
Authorize
postauth ?
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
13 matches
Mail list logo