A better solution would be to port the PPPd winbind code to
rlm_winbind, but it's not trivial.
Would this also work for the 802.1X Computer authentication?
Tom.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, 2004-04-07 at 02:33, Tom Rixom wrote:
Would this also work for the 802.1X Computer authentication?
I'm 99% sure it would. The computer accounts use the same
authentication mechanism as the user accounts do.
--
--Mike
---
Michael Griego
Wireless LAN
On Wed, 2004-04-07 at 11:57, Steve OBrien wrote:
Does anyone know if you can use Kerberos for user authentication for
PEAP?
Not unless there's an EAP-Kerberos (EAP-KRB?) to be used for the
inside-tunnel authentication. I, however, never heard of any work being
done on an EAP-Kerberos method.
Jack J [EMAIL PROTECTED] wrote:
Question: Can FreeRADIUS use ntlm_auth from Samba
to make this happen ?
I mean: PEAP w/MSCHAPv2 and using AD as User
profile storage ?
I have no idea.
I think that we'll need a rlm_winbind module to do this. There's
winbind code out there which can be
Hi Alan,
rlm_winbind:
I see Samba 3.0.2 has winbind code available.
Andrew Barlett of Samba (author of winbind)
has made it available.
Is anyone working or planning to work on
rlm_winbind module for FreeRADIUS ?
(That is : make a similar port which Andrew did
for pppd to FreeRADIUS) ??
Thank
this.
I wish I could help you further. Good luck.
T.
-Original Message-
From: Jack J [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 06, 2004 7:52 PM
To: [EMAIL PROTECTED]
Cc: Tom Rixom
Subject: RE: PEAP w/MS-CHAPv2:: Wireless Authentication
against Windows
AD as user profile
AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Wireless Authentication against
Windows AD
Can someone please advice ?
Thanks,
--- Jack J [EMAIL PROTECTED] wrote:
Kevin,
I am trying to use MSCHAPv2 w/ PEAP against AD
using FreeRADIUS
If userprofile is on LDAP I think it would work
since
LDAP bind/search would return userPassword attribute,
where as AD does not. Thus CHAP cannnot be done in AD
case. Is this true ?
Does anyone know how the LDAP lookup
works against AD? Does it actually get the password (doubtful) or
does it
Jack J [EMAIL PROTECTED] wrote:
If one has Supplicant (client) configured for
EAP-PEAP w/ MS-CHAPv2 and on FreeRADIUS (or any
other RADIUS server) configured to terminate PEAP
w/MS_CHAPv2, but user profiles are stored on
Active Directory.
Does FreeRADIUS support this ?
Yes, but AD
Question: Can FreeRADIUS use ntlm_auth from Samba
to make this happen ?
or Kerberos?
TIA,
Steve
Can someone please advice ?
Thanks,
--- Jack J [EMAIL PROTECTED] wrote:
Kevin,
I am trying to use MSCHAPv2 w/ PEAP against AD
using FreeRADIUS.
Could you please shed some light/pointers on
how to configure this ?
Thanks,
--- Kevin C Miller [EMAIL PROTECTED] wrote:
Does anyone
Does anyone know if wireless authentication
(LEAP, PEAP, EAP, TLS, TTLS) is possible using freeradius authenticating
to Windows AD without having to enter usernames or any user information
on the freeradius box? I am still not sure why it cannot use the
LDAPS connection that I have working from
Does anyone know if wireless authentication (LEAP, PEAP, EAP, TLS, TTLS)
is possible using freeradius authenticating to Windows AD without having
to enter usernames or any user information on the freeradius box? I am
still not sure why it cannot use the LDAPS connection that I have working
from
: Wireless Authentication
against Windows AD
Does anyone know if wireless authentication (LEAP,
PEAP, EAP, TLS, TTLS)
is possible using freeradius authenticating to Windows AD without
having
to enter usernames or any user information on the freeradius box?
I am
still not sure why it cannot use
14 matches
Mail list logo