Freeradius in an AD environment on opensuse server

Maurizio Cimaschi mauri at unixrulez.org
Thu Aug 14 00:43:53 CEST 2008


Hi Liz,

Murray, Elizabeth [DNR] wrote:
> We’ve moved from a Novell eDirectory solution to . . . . Active Directory. 

I'm not an AD expert, but they say ( 
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/distrib/dsbg_dat_jhzx.mspx?mfr=true 
) that AD is accessible using the LDAPv3 protocol; so it should be 
possible to use it like any other LDAP server.

> Can I set up freeradius to authenticate with ldaps and be secure?

What do you mean by "to be secure"?
Do you mean the connection between the radius server and the AD?
Are you familiar with the SCHEMAs used in AD (I'm not, by the way)?
Have you already planned the access rules that you will need on the AD 
to complete the authentication/authorization procedure?
(These are questions intended for yourself, in the first place).

> The 
> ldap would be Microsoft and is on my domain controller.   I have 
> websites using the ldap process but OR do I have to do that samba thing?

First of all, I think that you should take a moment to put down the 
architecture that you're working with (just to have a complete picture), 
your goals and the expertise that is available to you and/or your 
colleagues/organization. Then, you can start planning your setup.






More information about the Freeradius-Users mailing list