Using freeradius 1.1.5 samba 3.0.24...i have an interesting problem, 
and was curious what methods other people would take to solve it. 

    I am setting up radius for our new wpa2 wireless network, which 
means that windows machine auth should work so that people can LOGIN to 
their laptops.  i have it working (with a slight hack).  when a windows 
xp machine sends its machine auth to radius it sends 
host/machinename.activedirectorydomain.domain.domain.  so freeradius 
takes the activedirectorydomain part of that and assumes that the 
domain's actual name (what you use for authentication)  in our 
case....blame the windows people, that is NOT the case.  example 
computer.ad.clarku.edu is the dns name...however that computer is 
actually joined to the CLARKU domain..so the authentication needs to be 
against the CLARKU domain as the AD domain doesn't exist.  does that 
make sense?  any ideas?

the hack i have in place is a hardcoded domain of CLARKU in the 
NTLM_AUTH check(this can't stay as we have multiple domains).

thanks in advance for any insight.

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to