Freeradius, Active Directory and User's Group
Gary Gatten
Ggatten at waddell.com
Mon Mar 29 22:53:21 CEST 2010
FWIW, I do group checking with SAMBA. I'm not in front of my system, but there's an arg one can pass to the Samba util exe where it will validate uname, password, and group membership. This should work for most "simple" confs, although I can certainly envision situations where LDAP may be required.
----- Original Message -----
From: freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org <freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org>
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Sent: Mon Mar 29 15:26:57 2010
Subject: Re: Freeradius, Active Directory and User's Group
Understood, but the freeradius will be able to return this group
information to the Alcatel device?
Regards
Lincoln
On Mon, Mar 29, 2010 at 5:10 PM, John Dennis <jdennis at redhat.com> wrote:
> On 03/29/2010 04:02 PM, Lincoln Zuljewic Silva wrote:
>>
>> I'm sorry.
>>
>> I forgot to mention that I'm not using LDAP, but Samba to integrate
>> the freeradius with AD.
>
> O.K. I presume you're using samba for authentication, but where are you
> storing the information about which groups a user is in? I presume it's in
> AD. AD is an ldap server that you can query during authorization which is
> when and where you would do the group check.
> --
> John Dennis <jdennis at redhat.com>
>
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
--
Lincoln Zuljewic Silva
More contact info.: http://www.system.adm.br/contact.php
"How often must a question be asked before it’s considered a
frequently asked question?"
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list