FreeRADIUS + Cygwin + Active Directory authentication?
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Thu Feb 10 10:17:41 CET 2011
Hi,
> Frankly, running Free Radius on windows sounds like a bad idea,
> especially should you ever need to update it or have another person
> (maybe 5 years down the road) change it a bit. Generally, running
> server process under cygwin is a lot of extra work for not much
> convenience. I would suggest either running it on a linux server (and
> documenting everything you do) or running a different RADIUS server
> that natively runs on windows.
somewhat reluctantly I would agree with this.... either run FreeRADIUS
is its 'full environment' - eg with SAMBA on a Linux BSD etc box - follow
all the docs/guides and ensure any local changes are clearly documented,
or, run native RADIUS on the Windows box - NPS or IAS - as they are already
fully integrated.... oh. there is the 3rd option.... run FreeRADIUS on
its own system - and then just proxy the AD stuff to the IAS/NPS box to deal with.
this gives you all the power/flexibility of FreeRADIUS and just leverages the
IAS/NPS box to do the AD grunt work. (actually, that last option is the most
palatable :-) )
alan
More information about the Freeradius-Users
mailing list