Dell PowerConnect W Clearpass 100 Software 3.7 Deployment Guide - Page 415
Authentication Module Configuration
View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 415 highlights
Authentication Module Configuration Table 51 Authentication Module Configuration Settings Value Description module.pap = yes PAP module to authenticate users based on their stored password. pap.encryption_scheme = crypt The PAP module supports multiple encryption schemes: clear: Clear text crypt: Unix crypt md5: MD5 encryption sha1: SHA1 encryption module.chap = yes Authenticates requests containing a CHAP-Password attribute. module.pam = yes Pluggable Authentication Modules for Linux. module.unix = yes Unix /etc/passwd style authentication. unix.cache = no Cache /etc/passwd, /etc/shadow, and /etc/group for authentication. The default is to not cache them. Allowed values: no, yes unix.cache_reload = 600 If the cache is enabled, reloads its contents every 'cache_reload' seconds. Use 0 to disable. module.mschap = yes Microsoft CHAP authentication. This module supports MS-CHAP and MS-CHAPv2 authentication. It also enforces the SMB-Account-Ctrl attribute. mschap.use_mppe = no If 'use_mppe' is set to 'yes', the mschap module will add MS-CHAP-MPPEKeys for MS-CHAPv1 and MS-MPPE-Recv-Key/MS-MPPE-Send-Key for MS-CHAPv2. mschap.require_encryption = yes If 'use_mppe' is enabled, 'require_encryption' makes encryption moderate. mschap.require_strong = yes 'require_strong' always requires 128 bit encryption. mschap.with_ntdomain_hack = no Windows sends us a username in the form of DOMAIN\user, but sends the challenge response based on only the user portion. This workaround corrects for that incorrect behavior. mschap.ntlm_auth The module can perform authentication itself, or use a Windows Domain Controller. This configuration directive tells the module to call the ntlm_auth program, which will do the authentication, and return the NT-Key. Note that you MUST have "winbindd" and "nmbd" running on the local machine for ntlm_auth to work. See the ntlm_auth program documentation for details. Amigopod 3.7 | Deployment Guide Reference | 415