Hello FreeRADIUS-users,
I have to set up a FreeRADIUS-server to authenticate notebooks and PCs (Win2000, WinXP, Linux) via the existing Windows-NT PDC (will be replaced with Server2003 sometimes) and add them to their matching VLAN (using HP 2524-switches).
Can someone give me a few hints what might be the best way to do this ?
Through the lack of consistent documentation i can't see how to move on.
The urgent questions in detail :
1. The Windows-NT server is not allowed to deliver plaintext-passwords, so which authentication-protokol should be used ? EAP-MD5 would be fine, but does it work without plaintext-passwords ?
2. How to get the passwords from the PDC at all ? I've read about rlm_smb (but is not included in the used Debian-Sarge-packet), ntlm_auth, winbindd, PAM_winbind and the SMB-Method described in the experimental.conf *puh* ???
3. If the things above work, how to define which user belongs to which VLAN and get RADIUS to tell this to the authenticator ?
4. And finally - how to set up a centralized/convenient administration method for the whole thing which makes it easy to add/delete users ?
Thanky you very much for every help! Mark Wasmer
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
