Checking for disabled ad account
Alan DeKok
aland at deployingradius.com
Wed Oct 25 20:01:25 CEST 2017
On Oct 25, 2017, at 1:19 PM, Alex Sharaz <alex.sharaz at york.ac.uk> wrote:
> I’ve configured EAP-TLS with ocsp validation in FR 3.0.16
> I’ve now been told that I need to also check that the username associated with the account hasn’t been disabled in our AD service.
>
> Same FR server also does EAP-PEAP auth against AD
>
> Any suggestions as to how I might do this ?
Configure the LDAP module, and do an LDAP query.
Alan DeKok.
More information about the Freeradius-Users
mailing list