ldap and ad for 802.1x

lenny at aecom.yu.edu lenny at aecom.yu.edu
Wed Jul 1 20:09:27 CEST 2009


Hello,

I'm trying to figure out the necessary steps and configs to make the
following happen. 2 groups of users, one residing in ldap with
samba/ntlm hashes and another in AD, need to authenticate through Radius
servers for 802.1x wireless.  At this point, I have the Radius server
successfully authenticating the users in LDAP, using their Samba
credentials, but it's a different story with AD. I joined Samba from the
Radius box into the AD domain and I'm able to test authentication
successfully with ntlm_auth command, however authentication against
Radius doesn't seem to be working.  The debug output shows that any AD
auth. attempt is going against LDAP instead.
I'm doing it on the same box, same shared Radius config, which is
probably related to the issue and I think that I need some way to
enforce separation between LDAP and AD, however my next steps are not at
all clear.  I would appreciate any guidance or advice on this.

Thank you very much in advance.

The AD-Radius guide I used came from this URL and I simply added the
described config to the working LDAP config.

http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO


