FreeRadius with Active DIR - Access by being in a group in active dir

Gary Gatten Ggatten at waddell.com
Tue May 31 21:33:23 CEST 2011


Check out the command options of ntlm_auth: --require-membership-of.  If group name doesn't work, try the SID of the group.

G


________________________________
From: freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org [mailto:freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org] On Behalf Of Eric Lovrien
Sent: Tuesday, May 31, 2011 2:27 PM
To: freeradius-users at lists.freeradius.org
Subject: FreeRadius with Active DIR - Access by being in a group in active dir

I have gotten freeradius up and going and authenicating to Active directory  by using the following how to: http://deployingradius.com/documents/configuration/active_directory.html. I am using ntlm_auth to authenicate the users agaist Active Directory. The question i have is, is there a way I can create a group in Active Directory and have only users in that group have access to authenicate?

Basically what I am doing or trying to do is use freeradius to authenicate users for wireless access. I don't want every one to have access that is in Active Dir. I would like to create a group called wifi or something similar and put users in that group that are allowed to authnicate. Is this possible using ntlm_auth and if so could some one point me in the direction on getting this set up. Thanks in advance!

Eric





<font size="1">
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'>
</div>
"This email is intended to be reviewed by only the intended recipient
 and may contain information that is privileged and/or confidential.
 If you are not the intended recipient, you are hereby notified that
 any review, use, dissemination, disclosure or copying of this email
 and its attachments, if any, is strictly prohibited.  If you have
 received this email in error, please immediately notify the sender by
 return email and delete this email from your system."
</font>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110531/b24d63e1/attachment.html>


More information about the Freeradius-Users mailing list