FreeRadius and LDAP/AD username/password check
Alan DeKok
aland at deployingradius.com
Mon Feb 18 14:15:45 CET 2008
Mats Blomgren B wrote:
> Today I check the "etc/passwd" for the usernames and passwords and
> fetches the users default group from "etc/passwd".
I'm not so sure...
> #/usr/local/etc/raddb/users
> DEFAULT Group == "admin-network", Auth-Type = System
This checks /etc/groups, via the getgrent() call. It sees if the user
is a member of that group, not if that is the user's default group.
> I have been browsing the mailing list, wiki and google trying to find
> out if anyone has done the following:
> 1. I want to check the username/password against LDAP/AD instead of
> directly towards "etc/passwd".
Configure the LDAP module. See the various howto's.
> 2. After that I would like to continue by fetching the user's default
> group from the Solaris 10 system (/"etc/passwd") to give it rights
> depending on which group the user belongs to.
You don't have to change anything in your current configuration.
Alan DeKok.
More information about the Freeradius-Users
mailing list