A better solution would be to port the PPPd winbind code to
rlm_winbind, but it's not trivial.
Would this also work for the 802.1X Computer authentication?
Tom.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, 2004-04-07 at 02:33, Tom Rixom wrote:
Would this also work for the 802.1X Computer authentication?
I'm 99% sure it would. The computer accounts use the same
authentication mechanism as the user accounts do.
--
--Mike
---
Michael Griego
Wireless LAN
On Wed, 2004-04-07 at 11:57, Steve OBrien wrote:
Does anyone know if you can use Kerberos for user authentication for
PEAP?
Not unless there's an EAP-Kerberos (EAP-KRB?) to be used for the
inside-tunnel authentication. I, however, never heard of any work being
done on an EAP-Kerberos method.
Jack J [EMAIL PROTECTED] wrote:
Question: Can FreeRADIUS use ntlm_auth from Samba
to make this happen ?
I mean: PEAP w/MSCHAPv2 and using AD as User
profile storage ?
I have no idea.
I think that we'll need a rlm_winbind module to do this. There's
winbind code out there which can be
Hi Alan,
rlm_winbind:
I see Samba 3.0.2 has winbind code available.
Andrew Barlett of Samba (author of winbind)
has made it available.
Is anyone working or planning to work on
rlm_winbind module for FreeRADIUS ?
(That is : make a similar port which Andrew did
for pppd to FreeRADIUS) ??
Thank
this.
I wish I could help you further. Good luck.
T.
-Original Message-
From: Jack J [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 06, 2004 7:52 PM
To: [EMAIL PROTECTED]
Cc: Tom Rixom
Subject: RE: PEAP w/MS-CHAPv2:: Wireless Authentication
against Windows
AD as user profile
If one has Supplicant (client) configured for
EAP-PEAP w/ MS-CHAPv2 and on FreeRADIUS (or any
other RADIUS server) configured to terminate PEAP
w/MS_CHAPv2, but user profiles are stored on
Active Directory.
Does FreeRADIUS support this ?
If userprofile is on LDAP I think it would work since
If userprofile is on LDAP I think it would work
since
LDAP bind/search would return userPassword attribute,
where as AD does not. Thus CHAP cannnot be done in AD
case. Is this true ?
Does anyone know how the LDAP lookup
works against AD? Does it actually get the password (doubtful) or
does it
Jack J [EMAIL PROTECTED] wrote:
If one has Supplicant (client) configured for
EAP-PEAP w/ MS-CHAPv2 and on FreeRADIUS (or any
other RADIUS server) configured to terminate PEAP
w/MS_CHAPv2, but user profiles are stored on
Active Directory.
Does FreeRADIUS support this ?
Yes, but AD
Question: Can FreeRADIUS use ntlm_auth from Samba
to make this happen ?
or Kerberos?
TIA,
Steve
10 matches
Mail list logo