We help IT Professionals succeed at work.
Get Started

802.1x authentification issue (freeradius+activedirectory)

1,340 Views
Last Modified: 2012-05-05
Hello,

I set up an anthentication method with the following architecture:

Client (windows xp or vista ) ==> Cisco switch ==> freeradius (version 2.0.5) ==> winbind ==> Samba ==> active directory (windows 2003).

Working like a charm when users logs with their login and pass, anyway they have to ID twice.
First one for 802.1x and another for domain or there is an issue when AD password is changed.

Therefore i would like to know how to identify the computer (which is known by AD aswell) rather than  the user.
I guess i have to tweak up the following lines in radiusd.conf:

ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} -$

Or maybe there is an opensource supplicant software around that could bind both authentifications.

Thanks by advance for any advice.

Regards,
Comment
Watch Question
Software Engineer
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This problem has been solved!
Unlock 1 Answer and 1 Comment.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE