Freeradius Multiple Disjoint Ad Domains
arnabroy at mail.com
Mon May 22 13:54:30 CEST 2017
Thanks your response. Yes I have been using the --configfile option and
it looks like it ignores the options for the socket dir and priv dir
directives in the config file. Creating additional VM's isnt under my
control unfortunately and it sounds like a huge waste of resource to me
Any chance I can simply recompile the NTLM auth binary and specify a
different winbind sockets ?
I know again this should be a question the guys at Samba should be
responding but nobody responds their ..
Sent: Monday, May 22, 2017 at 12:41 PM
From: "Herwin Weststrate" <herwin at quarantainenet.nl>
To: freeradius-users at lists.freeradius.org
Subject: Re: Freeradius Multiple Disjoint Ad Domains
On 22-05-17 13:27, Arnab Roy wrote:
> I have been able to get multiple instances of winbindd running with
> separate smb.conf's and joined to the respective AD domains.
> The problem seems to be ntlm_auth doesnt see that the winbindd
> privileged pipe and winbindd socket is running in a custom directory.
Have you tried this argument for ntlm_auth?
The file specified contains the configuration details
required by the server. The information in this file includes
server-specific information such as what printcap file to use, as well
descriptions of all the services that the server is to
provide. See smb.conf for more information. The default configuration
file name is determined at compile time.
And another solution: is it possible to create two VMs for the samba
servers, both running a freeradius instance. The current freeradius
instance could act as a proxy (assuming you could select the correct
radius server based on a realm).
List info/subscribe/unsubscribe? See
More information about the Freeradius-Users