How to authenticate users against a Windoze AD server with krb5?
Alan DeKok
aland at ox.org
Tue May 31 19:08:41 CEST 2005
Arne =?utf-8?q?G=C3=B6tje?= (=?utf-8?q?=E9=AB=98=E7=9B=9B=E8=8F=AF?=)" <arne at linux.org.tw> wrote:
> I'm trying to authenticate users against a Windows AD server using the
> krb5 module... but due to missing documentation on how to do this, I'm
> stuck.
The rlm_krb5 module takes a clear-text password from a RADIUS
packet, and uses it to authenticate via kerberos. This may work
against AD, but I don't think anyone has tried it.
> When I try to get a Kerberos ticket using kinit on the radius machine,
> it works. But when I try to use the krb5 module, it always gives me a
> Reject...
Run the server in debugging mode, and post the output here.
Alan DeKok.
More information about the Freeradius-Users
mailing list