Multiple AD's and domains?
Alan DeKok
aland at deployingradius.com
Wed Jul 22 03:22:37 CEST 2009
Justin Steward wrote:
> Now, the stock standard way of authenticating against AD is using samba,
> joining the domain, and using NTLM Auth. Since I have multiple AD
> domains, how would this best be handled?
>
> I know that PHP is capable of using LDAP to authenticate against an AD
> server. Can freeRadius also do this? How, or why not?
ntlm_auth has a --domain parameter. It can be used to authenticate
different domains.
However... they all need to be part of the same AD forest / whatever.
You CANNOT authenticate to two completely independent AD systems. This
is a fundamental limitation of AD.
Alan DeKok.
More information about the Freeradius-Users
mailing list