Err... no. That won't work.
> But the vpn cisco clients are authenticated through
domainname\username
> and password
Then you don't need to edit the mschap configuration.
>
> Is this ntlm_auth2 in the mschap ok ? or should I remove
> --domain=%{%{mschap:NT-Domain}:} ?
Delete the "ntlm_auth2" line from the mschap config. It does nothing.
> I also changed users to :
>
> DEFAULT Auth-Type := ntlm_auth2,Huntgroup-Name == "vpn"
That should work.
Dear Alan
Yest , it'working, but I had to change the users file, cause it falled
down always into ntlm_auth2, when I wante to authenticate with my
username
Now it looks like:
DEFAULT Auth-Type := ntlm_auth2,Huntgroup-Name == "vpn"
Fall-Through = Yes
username Auth-Type := ntlm_auth
Service-Type = NAS-Prompt-User,
cisco-avpair = "shell:priv-lvl=15"
And this works, but only with one domain. I need to check how it works
with more domains
BY for now thanks a lot, I will let you know
Pet
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
