RE: Active Directory and FreeRadius
I'd recommend skipping PAM and using MIT's kerberized telnet. I don't believe PAM supports single signon, whereas you can have single sign-on with kerberized telnet.
-----Original Message----- From: freeradius-users-bounces@lists.freeradius.org [mailto:freeradius-users-bounces@lists.freeradius.org] On Behalf Of Alan DeKok Sent: Thursday, July 14, 2005 11:39 AM To: FreeRadius users mailing list Subject: Re: Active Directory and FreeRadius
"Talwar, Puneet (NIH/NIAID)" <PTALWAR@niaid.nih.gov> wrote:
Well I can use pam_krb5, but what I am trying to accomplish here is that I have quite a few Linux workstation on my network and I thought if I can setup those Linux workstation to point to the radius server where they login using there Active Directory credentials.
You said that already.
What you may not know is that AD implements Kerberos. You can use pam_krb5 on the Linux boxes to do *exactly* the same thing, but without using RADIUS at all.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (1)
-
Zawacki Jason D Ctr AFRL/IFOS