Freeradius in an AD environment on opensuse server

Roberto S. G. roberto.santos at
Thu Aug 14 09:25:42 CEST 2008

 >Can I set up freeradius to authenticate with ldaps and be secure?  The
 >ldap would be Microsoft and is on my domain controller.   I have
 >websites using the ldap process but OR do I have to do that samba

It can be done more or less easily, depending on what type of 
authentication are u doing... If it's plain user/pwd, you can configure 
freeradius to use LDAP directly. That would be easier.
The servers would be your AD servers (you can use all of them if you 
have more than one), uncomment and configure ldap parts on your FR conf.

In order to use ldaps, you just have to enable it in your AD servers if 
it isn't (just make a netstat looking for por 636 on your AD; if needed, 
check your windows version on how to enable it), and if you wanna check 
AD certificates from freeradius when doing connections (it's a good 
idea), you'll have to import your AD's CA certificate to ./certs on yor 
FR configuration.
It'd run smoothly.


More information about the Freeradius-Users mailing list