Active Directory authenticated VPN
Michael Ströder
michael at stroeder.com
Wed May 5 21:42:05 CEST 2021
On 5/5/21 4:43 PM, Alan DeKok wrote:
> So far as I know, the OpenLDAP client library doesn't support GSSAPI.
Not true.
It depends on whether it was built with Kerberos support (using MIT
Kerberos or heimdal libs). I guess on most Linux systems libldap has
SASL/GSSAPI support.
> If it does, then FreeRADIUS doesn't use it, because TLS is so much more common.
I agree TLS is way more secure.
Ciao, Michael.
More information about the Freeradius-Users
mailing list