Users and groups with Microsoft AD
Ivan Kalik
tnt at kalik.net
Fri Oct 16 12:08:08 CEST 2009
> I've tried searching the web before actually submitting this post in order
> to cover all angles. I know it's possible for freeradius to authenticate
> against Microsoft AD groups, users, etc. However, is it possible to
> authenticate by combining groups? In other words, can freeradius
> authenticate against users AND groups? I would like to say only members
> of
> computers AND users are allowed to authenticate against freeradius while
> all
> others are rejected.
>
> Is this even possible? Or, is there something about using peap and
> combining
> groups that will not allow this to occur? Currently I'm running
> freeradius
> 2.1.6 on freebsd 7.2 and windows 2003.
Yes. Configure AD as ldap server in raddb/modules/ldap and use group
membership queries (Ldap-Group).
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list