freeRADIUS+samba3.0.1+AD(multiple domains)
Joe Vieira
jvieira at clarku.edu
Wed Feb 27 12:16:45 CET 2008
>> But there are multiple domains in active-directory. How to configure
>> freeRADIUS or samba can let it support multiple domains?
> FreeRADIUS just used Samba to do authentication with AD. The winbind
>&& ntlm_auth API used in Samba cannot authenticate to multiple domains.
that's not entirely true, you can (and i do) get samba to auth to multiple domains. the domains either need to be in the same forest,and or have full trusts back and forth. (i also found that adding them each to your kerberos config helps)
basically you join to one of them and you should be able to enumerate all the users from both thru winbind or getent...
Joe
More information about the Freeradius-Users
mailing list