win2003 Active Directory authentication
Chris.Liles at air2web.com
Mon May 8 18:40:38 CEST 2006
Yes you can do use the ldap module of freeradius to hit your AD, I am doing this now.
Yes you can do ssl/tls for encryption between the radius server and AD.
Windows server 2000 does not support tls, only ssl.
It is similar to setting up mm_mod_auth_ldap for apache.
You will need an ldap browser to browse your domain to find out the correct search filters for everything.
The only thing I can't figure out is how to check for group membership.
I posted to the mailing list, but no one has responded yet :-(
There is good documentation on the wiki.
Look for my previous post about not getting groups working to see my config files.
1230 Peachtree St. N.E.
Atlanta, GA 30309
Tel: (404) 942-5334
Fax: (404) 815-7708
From: freeradius-users-bounces+chris.liles=air2web.com at lists.freeradius.org [mailto:freeradius-users-bounces+chris.liles=air2web.com at lists.freeradius.org] On Behalf Of Frank Smith
Sent: Monday, May 08, 2006 11:55 AM
To: freeradius-users at lists.freeradius.org
Subject: win2003 Active Directory authentication
I am running AD in native mode. By my ancient understanding of samba, I cannot join this domain. I can authenticate using ldap, no? Also, is this insecure due to clear text? Any other ideas for what I want here?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users