AD integration
Phil Mayers
p.mayers at imperial.ac.uk
Sat Oct 29 12:13:37 CEST 2011
On 10/28/2011 09:18 PM, Whitlow, Michael wrote:
> Hello,
>
> I just got Freeradius running on Ubuntu and have successfully configured
> integration Active Directory using Samba and NTLM_AUTH.
>
> When I run “radtest” against Freeradius and put in AD credentials, it is
> successful.
Word of caution: radtest does not do EAP authentication, so you're not
testing the full authentication path. You may want to download the
"wpa_supplicant" sources and do a "make eapol_test" and use that to verify.
>
> My next goal is to configure Freeradius to assign 802.1X VLANs for a
> wireless environment.
>
> In other words, users who are a member of ADGROUP1 get assigned vlan #
> 111, and users who are a member of ADGROUP2 get assigned vlan #222.
>
> I am unclear which direction to go to accomplish this.
Unclear in what respect, precisely?
If you're asking "how do I lookup a users AD groups", there are several
possible ways. A lot of people do it via the "ldap" module.
If you're asking something else, please specify.
More information about the Freeradius-Users
mailing list