Active Directory isn't really an LDAP server. At least, not where it
matters.
There is a huge discussion at the moment at our University where the AD people want to get rid of our central Open-LDAP-Servers with exactly this argument: "AD is a ldap-server like any other". Now I read this comment and would really appreciate if someone
could be a little more verbose on the topic or point me to the documentation on how it differs especially from a FreeRadius perspective.
As an example:
For me it is not clear if I could just use AD as a LDAP-Backend (instead of OpenLDAP) and keep my eduroam configuration otherwise the same or if I would have to switch to ntlm_auth to get things back to working - which I would really want to avoid since
I don't see a reason making thing more complex by having samba and other new dependencies...