Freeradius in an AD environment on opensuse server
Roberto S. G.
roberto.santos at unileon.es
Thu Aug 14 09:25:42 CEST 2008
>Can I set up freeradius to authenticate with ldaps and be secure? The
>ldap would be Microsoft and is on my domain controller. I have
>websites using the ldap process but OR do I have to do that samba
It can be done more or less easily, depending on what type of
authentication are u doing... If it's plain user/pwd, you can configure
freeradius to use LDAP directly. That would be easier.
The servers would be your AD servers (you can use all of them if you
have more than one), uncomment and configure ldap parts on your FR conf.
In order to use ldaps, you just have to enable it in your AD servers if
it isn't (just make a netstat looking for por 636 on your AD; if needed,
check your windows version on how to enable it), and if you wanna check
AD certificates from freeradius when doing connections (it's a good
idea), you'll have to import your AD's CA certificate to ./certs on yor
It'd run smoothly.
More information about the Freeradius-Users