All, I have successfully configured freeRadius using EAP-PEAP with: 1. GTC to authenticate user against local password 2. MSCHAPv2 to authenticate user against Active Directory via ntlm_auth following instructions on this link: http://wiki.freeradius.org/guide/FreeRADIUS-Active-Directory-Integration-HOWTO
I also understand from reading this link that EAP-GTC can be used (compatible) with ntlm_auth: http://deployingradius.com/documents/protocols/compatibility.html That said, if EAP-GTC can be used along with ntlm_auth how do I configure it to make that work? I tried to execute ntlm_auth passing --password=%{User-Password}, but that didn't work as User-Password is empty. It says in eap.conf that GTC challenges the user with text and the response from the user is taken to be the User-Password. Perhaps I am executing ntlm_auth too early before GTC Password challenge is sent out and received the response. My questions are: 1. How can I configure freeRadius so GTC will work with ntlm_auth? 2. Is it possible to send subsequent GTC challenge in addition to default Password challenge? If possible, how do I configure the subsequent GTC challenge? Thank you.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
