Trying to setup FreeRadius w/ LDAP(ActiveDirectory), PEAP

classic Classic list List threaded Threaded
2 messages Options
| Threaded
Open this post in threaded view
|

Trying to setup FreeRadius w/ LDAP(ActiveDirectory), PEAP

Andrew Daniels
I'm probably over complicating this, and I've searched the archives for
two days now, I've googled for twice that, and I can't seem to find a
clear, "howto" on setting this up.

Here's my goals:

1) Freeradius
2) EAP-TLS -> PEAP (for secure, non-client certificate)
3) LDAP for user authentication


I can copy my current configurations, but it's really irrelevant, if
someone can just point me to a guide on how to set this up, I'll start
from scratch, here's one I tried, and failed:

http://www.tldp.org/HOWTO/8021X-HOWTO/freeradius.html

I also read all three of the Paranoid Penguin articles from Linux Journal,
though that dealt with TLS and client certificates.

Here's my enviornment:

Windows XP SP2 clients
Foundry Wireless AP's
Active Directory

FreeRadius v1.0.4 running on SuSE Linux 9.3 Professional

What other information would anyone like?

Andrew
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Trying to setup FreeRadius w/ LDAP(ActiveDirectory), PEAP

Alan DeKok
Andrew Daniels <[hidden email]> wrote:
> 1) Freeradius
> 2) EAP-TLS -> PEAP (for secure, non-client certificate)
> 3) LDAP for user authentication

  AD isn't an LDAP server.

  At least, not for passwords, it isn't.  You've got to use ntlm_auth.
See radiusd.conf.

  Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html