UPN for AD authentication
r3dnano at gmail.com
Tue Jun 2 12:28:09 CEST 2020
Thanks for your reply, Alan
I've been reading some documentation and I guess I'm on the wrong path: I
got everything working with winbind but, as far as I understood, this only
works with SAM, and there's no (simple) way of doing UPN unless I switch to
LDAP module, so I think I'll go down this path and see how it goes.
On Fri, 29 May 2020, 14:57 Alan DeKok, <aland at deployingradius.com> wrote:
> On May 29, 2020, at 5:46 AM, R3DNano <r3dnano at gmail.com> wrote:
> > AFAIK, when I authenticate my users via ntlm_auth (samba AD bnind,
> > not the LDAP module, as suggested by the docu), account names in SAM are
> > used instead of UPN (please, correct me if I'm wrong)
> You use whatever AD allows. See the AD documentation for how AD works.
> > Is it possible to use UPN instead?
> Some people do. See the AD docs.
> > What drawbacks can we have if we do this?
> The format of user names doesn't matter to FreeRADIUS. So the only
> issues are elsewhere.
> Alan DeKok.
> List info/subscribe/unsubscribe? See
More information about the Freeradius-Users