freeradius and active directory

Rutger Beyen sylvester_rutger at
Sat Dec 22 20:36:44 CET 2007

If I have to contact the AD with the ldap protocol for the vlan, why can't I
just use that way to verify the user's credentials?
The use Ntlm must be configured in radiusd.conf, but how and were do I
configure the ldap bind to get the users group and define the vlan?


-----Original Message-----
From: at
[ at lists.freeradi] On Behalf Of Josh Howlett
Sent: Thursday, December 20, 2007 10:36 PM
To: FreeRadius users mailing list
Cc: Josh Howlett
Subject: RE: freeradius and active directory

> Using  Ntlm_auth from the samba server is not an option. I 
> want to access the AD with the ldap protocol for 
> compatibility reasons.

You can't.

> Next, I want to place the logged on 
> user is a specific VLAN. So I have to retrieve the user's 
> vlan from the AD. Is there any way to configure freeradius to 
> do so?

Yes, see the docs.

> Can you please provide me with the necessary steps to accomplish this?



JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024 
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Science and Innovation Campus, Didcot, Oxfordshire. OX11 0SG

List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list