Depends on the authentication protocol you will be using on
the client, if you are using Cisco Leap which uses MSCHAP as transport, to
authenticate with the NT Domain you'll have to pull the password hashes from the
NT database every 5 minutes or so (you can use pwdump3), a sed line to format
the file (lowercasing every user, adding 0x to every password), and
configuring rlm_passwd to use the resulting file (you'll have
to tell Freeradius to lowercase users also), you can even add groups
to match in the huntgroups file using SAMBA, winbind, and sed
again.
Hope it helps.
From: Chris Waters [mailto:[EMAIL PROTECTED]
Sent: Friday, January 30, 2004 9:43 AM
To: [EMAIL PROTECTED]
Subject: Freeradius NT AuthenticationHello,
I have been tasked with setting up a radius server for our wireless authentication using our existing NT domain credentials. Freeradius(0.9.3) is running on a linux box, and our domain is still an NT4 domain. What experiences have the list users had with this and is anyone willing to so me an exisiting working config?
(learn by example)
Chris Waters
Advertencia:La informacion contenida en este mensaje es confidencial y restringida, por lo tanto esta destinada unicamente para el uso de la persona arriba indicada, se le notifica que esta prohibida la difusion de este mensaje. Si ha recibido este mensaje por error, o si hay problemas en la transmision, favor de comunicarse con el remitente. Gracias.
