Hi,
I configured FreeRadius for Authentication with Active Directory by following the steps as suggested by Alan's deployingradius.com. Everything is working successfully like Samba, Kerberos, ntlm_auth configuration, I can successfully join the domain as an administrator and also user can be authenticated by their credentials successfully. Now I need one suggestion here: Is there any way that administrator be able to read and write the information about user's access privileges by joining the domain. Such as users are allowed/denied for WIFi access, VPN access etc. I don't know whether it is possible or not by confguring anything with Samba/Kerberos/ntlm_auth/FreeRadius or should I need any other program to obtain this goal.
currently, you are just doing authentication - you now need to think about authorization and policy - there are many ways of doing this - hints,huntgroups, SQL, external scripts using perl;python;ruby, unlang , LDAP attributes etc. you need to decided where you skills lie and what methods/facilities you have in place for checking... if you already have a DB for access info...then use that! :-) - you can then reject, set values, set return attributes etc via your chosen method. there are example, docs, wiki entries, config comments etc for this operation. alan