Project

General

Profile

Actions

Feature #8731

closed

FreeIPA support in FreeRADIUS package

Added by Andrew Cope over 5 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
FreeRADIUS
Target version:
-
Start date:
08/01/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

In order to use FreeRADIUS to authenticate against a FreeIPA LDAP server using mschapv2 the following section is required in /usr/local/etc/raddb/mods-enabled/ldap

update {
      ....snip......
      control:NT-Password··   := 'ipaNTHash'
      ....snip......
}

More details are available in this blog post: http://firstyear.id.au/blog/html/2016/01/13/FreeRADIUS:_Using_mschapv2_with_freeipa.html

Manually making this change in pfsense 2.4.3-RELEASE-p1/freeradius 0.15.5_2 allows it to work

Associated PR: https://github.com/pfsense/FreeBSD-ports/pull/546

Actions #1

Updated by Jim Pingle over 5 years ago

  • Status changed from New to Feedback

PR was merged earlier today.

Actions #2

Updated by Jim Pingle over 4 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF