New User and AD Question
Sallee, Stephen (Jake)
Jake.Sallee at umhb.edu
Wed Mar 2 16:11:59 CET 2011
> My advice would be to define a local, internal-only attribute in
> /etc/raddb/dictionary:
>
> ATTRIBUTE My-NT-Domain 3003 string
>
> ...and set this in your regexps:
>
> if (User-Name =~ /host[/].+[.]domain.com/) {
> update request {
> My-NT-Domain = "DOMAIN.COM"
> }
> }
> elsif (...) {
> }
>
> ...then in your ntlm_auth helper, do:
>
> ntlm_auth = "... --domain=%{My-NT-Domain:-DEFAULTVALUE} ..."
>
That is brilliant! We are going to deploy a second domain this summer, I was wondering exactly how I would make our FR server work with both. I am definitely going to give this a try!
Jake Sallee
Network Engineer
University of Mary Hardin-Baylor
Fone: 254-295-4658
Phax: 254-295-4221
More information about the Freeradius-Users
mailing list