According to this documentation: http://deployingradius.com/documents/configuration/active_directory.html ; FreeRADIUS can authenticate Active Directory users using Samba's ntlm_auth, and in fact it works really well with the MSCHAPv2 protocol.
But using this method it's only possible to authenticate users with sAMAccountName from AD and we would like to authenticate users with it's userPrincipalName or email addresses.
How can I achieve this?
EDIT: Explaining better what I need. I need a way to parse the user login input. So if a user tries to login with an email address por example it will call a helper program to do a LDAP search and return the sAMAccountName to feed ntlm_auth. There's the FreeRADIUS preprocess module, but I don't know if I can use it for this purpose.
