FreeRadius - ActiveDirectory authentication multiple domains

Alan DeKok aland at deployingradius.com
Fri Aug 29 16:41:15 CEST 2014


Ricardo Esteves wrote:
> Yes, i can write that query (bash, perl, python), what i don't know is
> how to use it in FreeRadius.

  The point is you write an LDAP query.  Using LDAP syntax.  It's not
about bash, Perl, or Python.  It's about LDAP.

  Then, use the LDAP query in FreeRADIUS:

	update request {
		Realm := "%{ldap:... LDAP QUERY...}"
	}

  The LDAP query should return the domain for the user.  The above
example puts the domain into the "Realm" attribute.

  Then... use the Realm attribute in later queries.

  Alan DeKok.


More information about the Freeradius-Users mailing list