Approaching the problem from a different direction: Rather than "integrating" FR with Active Directory, could I set it up to use LDAP as the Auth-Type ? On 5/9/22, 16:09, "Freeradius-Users on behalf of Alan DeKok" <freeradius-users-bounces+daniel.e.white=nasa.gov@lists.freeradius.org on behalf of aland@deployingradius.com> wrote: On May 9, 2022, at 3:33 PM, White, Daniel E. (GSFC-770.0)[AEGIS] via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote: > > An observation: > The instructions seem to only cover winbind. > As an example, it says to use the "ntlm_auth" command. That command is not part of sssd. See the sssd documentation for other commands to test user name / password authentication with sssd. We didn't write sssd, and we don't know much about it. > Is there a newer version of that guide page that uses sssd instead of winbind ? There is no secret documentation. All of the documentation is public, and is publicly accessible. The Wiki can be edited. If you figure things out, please document them so that other people don't run into the same issues. Waiting for the FR developers to do everything may very well be a lost cause in some cases. Alan DeKok.