Hello!

We have an LDAP server, 389-ds, storing the users. It is managed mainly by Keycloak; the users registered there are duplicated to the LDAP server.

We want to use PEAP-M$chapv2 on PacketFence. For this, as we do not have any NT hashes on the LDAP server, I thought it would be nice if users could log in to a self-service via LDAP authentication and configure one themselves. This NT hash should only be stored in the local database of PacketFence. This would mean two passwords: one stored on the LDAP server to log in to the self-service and one in the local database to perform handshake checks for M$chapv2.

Is this configuration even possible? If so, could you help me a little bit by pointing me in the right direction? And if not, what would you do in my situation?

A workaround I considered would be that the users could register by email and that only certain domains are allowed, the ones of the company. But I do not like that because it would be too complicated for the BDU.. :/

Thanks in advance!

Markus B


_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
