I am trying to implement RADIUS authentication using Active Directory. I want requests to RADIUS to be sent to AD server and RADIUS responds according to its result.
I've already joined RADIUS server to domain, so I can do ntlm_auth --request-nt-key --domain=MYDOMAIN --username=user --password=password
and it works.
Now I am trying to make FreeRADIUS use ntlm_auth
according to this manual, but after adding
DEFAULT Auth-Type = ntlm_auth
to users
file radiusd
doesn't start. Without it radiusd
starts but doesn't authenticate using AD.
Error when radiusd
not starting:
/etc/raddb/mods-config/files/authorize[1]: Parse error (check) for entry DEFAULT: Unknown value 'ntlm_auth' for attribute 'Auth-Type'
Failed reading /etc/raddb/mods-config/files/authorize
/etc/raddb/mods-enabled/files[9]: Instantiation failed for module "files"
I am using FreeRADIUS 3.0.4, CentOS 7.2
How to make FreeRADIUS to proxy authentication requests to Active Directory?