It may be able to just pass on the hash to the AD or something, I'm not really sure. I just work with a database backend.
_____
From: Greger V. Teigre [mailto:greger@teigre.com] Sent: Tuesday, September 13, 2005 12:14 PM To: Chris St Denis; 'Jaroslaw Gawron'; serusers@lists.iptel.org Subject: Re: [Serusers] SER + Windows Domain
But in order to generate the hash, the radius server needs the clear-text password. That is not possible to get from AD.
g-)
---- Original Message ---- From: Chris St Denis To: 'Greger V. Teigre' ; 'Jaroslaw Gawron' ; serusers@lists.iptel.org Sent: Tuesday, September 13, 2005 09:01 PM Subject: RE: [Serusers] SER + Windows Domain
I believe the radius server can do the digest work (query for the username and password, generate the hash, and compare the digest sent from the sip message.
From: Greger V. Teigre [mailto:greger@teigre.com] Sent: Tuesday, September 13, 2005 11:37 AM To: Chris St Denis; 'Jaroslaw Gawron'; serusers@lists.iptel.org Subject: Re: [Serusers] SER + Windows Domain
Are you sure? AD stores hashed passwords and the digest auth method must be implemented. Even though the radius server can authenticate against AD (normally through the LDAP interface), you probably run into problems due to the hash. Another option is using IAS (Internet Authentication Server), basically a simple RADIUS server front-end to AD. I don't know if IAS supports digest, but I wouldn't bet on it. g-) ---- Original Message ---- From: Chris St Denis To: 'Jaroslaw Gawron' ; serusers@lists.iptel.org Sent: Tuesday, September 13, 2005 07:09 PM Subject: RE: [Serusers] SER + Windows Domain
You could do it with SER's radius authentication if you get a radius server that can interface with windows active directory.
I think FreeRadius can, but I've never tried.
From: serusers-bounces@iptel.org [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Jaroslaw Gawron Sent: Tuesday, September 13, 2005 4:33 AM To: serusers@lists.iptel.org Subject: [Serusers] SER + Windows Domain
Hi all
Is there a way to integrate sip authentication with Windows domain database - to integrate function www_authorize with the Active Directory ? If anyone know how to solve this problem - any suggestions are very welcome. Best regards,
Jaroslaw Gawron
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers