Windows AD Integration
Phil Mayers
p.mayers at imperial.ac.uk
Mon Apr 7 12:41:36 CEST 2008
Lemaster, Rob wrote:
> Can FreeRADIUS be integrated into Windows Active Directory for user
Yes. A google search for "freeradius active directory" shows many results.
> credentials and privelige based on Active Directory group? What is
> the best way to integrate FreeRADIUS into Windows Active Directory?
For authentication, you will probably want to:
* install samba
* join the domain
* use the "ntlm_auth" helper binary in the "mschap" module
configuration - see the sample config file for examples of use
For group authentication, you will probably want to use LDAP against
your AD controller. You will need a "user" (service) account for
FreeRadius to search the LDAP directory with, and there are some caveats
with ADs LDAP implementation. See the default config files for details.
>
> Thanks!
>
> FreeRADIUS: It's what's for dinner.
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list