Advertisement

07.08.2008 at 02:34AM PDT, ID: 23545921
[x]
Attachment Details

802.1x authentification issue (freeradius+activedirectory)

Asked by Gothvf in Linux Networking, Windows Networking, Linux Network Security

Tags: FreeRadius / Ubuntu 8.1, FreeRadius, 2.0

Hello,

I set up an anthentication method with the following architecture:

Client (windows xp or vista ) ==> Cisco switch ==> freeradius (version 2.0.5) ==> winbind ==> Samba ==> active directory (windows 2003).

Working like a charm when users logs with their login and pass, anyway they have to ID twice.
First one for 802.1x and another for domain or there is an issue when AD password is changed.

Therefore i would like to know how to identify the computer (which is known by AD aswell) rather than  the user.
I guess i have to tweak up the following lines in radiusd.conf:

ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} -$

Or maybe there is an opensource supplicant software around that could bind both authentifications.

Thanks by advance for any advice.

Regards,
Start Free Trial
[+][-]07.30.2008 at 02:59PM PDT, ID: 22125174

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Linux Networking, Windows Networking, Linux Network Security
Tags: FreeRadius / Ubuntu 8.1, FreeRadius, 2.0
Sign Up Now!
Solution Provided By: noci
Participating Experts: 1
Solution Grade: A
 
 
[+][-]08.24.2008 at 12:45PM PDT, ID: 22301828

Experts Exchange has a courteous staff of administrators who help members get the most out of the website by means of administrative comments like this one.

Start your 7-day free trial to view this Administrative Comment or ask the Experts your question.

 
[+][-]08.28.2008 at 08:08PM PDT, ID: 22342088

Experts Exchange has a courteous staff of administrators who help members get the most out of the website by means of administrative comments like this one.

Start your 7-day free trial to view this Administrative Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628