Freeradius the right tool as Windows Authentication Proxy?

Thomas Stieglitz Starglider7 at web.de
Mon Nov 7 17:39:16 CET 2005


Hello all,

I'm new on this list - and a little bit with the subject "free radius" and radius technology, too. So sry in advance, if I'm off topic ;-) or if the question was already asked, I didn't find it within the mailing list's  archive. I've got a conceptional problem, and I'm woundering whether freeradius might be the aporopiate tool to solve it.

We're running an apache 1.X webserver, which is located at an external provider. My problem is, that we need to authenticate webusers against our Windows 2000 Active Directory, which is located in our companies' local network.

My idea is, to locate an Freeradius Server in the DMZ. This server would have the job, to accept calls from the webserver (over an IP-Tunnel), ask the AD whether username and password are o.k. and return this information to the webserver.

Here are my questions in particular:
1) Is this idea a possible solution ... the right use of an radius-server? And, if yes: is freeradius the right tool for it?
2) If yes: Is it also possible, to gain group information about a user. (i. e. Is Fred Member of Group Foo? Which groups is Fred member of?)
3) if yes: how do I find an entry point for further information about this special subject?
4) Is someone out there running an simular configuration and give me an hand, hints, show me quirks etc.?

I'm happy for any advice, thanks in advance for it!

Tom


______________________________________________________________
Verschicken Sie romantische, coole und witzige Bilder per SMS!
Jetzt bei WEB.DE FreeMail: http://f.web.de/?mc=021193




More information about the Freeradius-Users mailing list