How LDAP Authentication works
Tobias Hachmer
lists at kokelnet.de
Fri Jun 22 08:30:17 CEST 2012
Hello list,
I know this isn't a direct FR related issue, but I think the people
here have deep know how or some further links I can get my information I
need.
What I'm interested in is how the LDAP user/password authentication
works, especially how FR does it.
In LDAP module configuration I set an identity. For my understanding
this is for the ldap bind user. With this identity FR will get access to
the ldap database, to do groupmembership information or attributes and
so on.
But is this identity also needed for authentication only?
In my setup I just want to authenticate my users against Microsoft
Active Directory, authorization will be done through sql.
So I thought about if I need the bind user. Am I right with this:
FR or the ldap module will test if the username/password combination is
correct against ldap. For that it will do a simple ldap bind with the
credentials from access-request packet. So, is the identity really
needed for authentication or is my understanding here wrong?
Please point me to the right...
Regards,
Tobias Hachmer
More information about the Freeradius-Users
mailing list