freeRadius against Active Directory
Michael Schwartzkopff
misch at schwartzkopff.org
Tue Oct 9 09:36:23 CEST 2012
> Hi,
> I thought the whole meaning of binding a freeRadius to an Active Directory
> is that I have from now on just to configure Users in the AD.
> So every device I want to authenticate on asks the FR which then asks the
> AD. So the AD will answer if the User is valid and which Service-Type he
> has.
> On my AD Server I installed the Role NPS, configured a RADIUS-Client and
> some Network Policies. Maybe I am on the right way, maybe not... :-(
> The AD succesfully tells the FR if the user is valid, just that
> Service-Type is missing.
>
> Martin
hi,
as stated in the doc on deployingradius:
"In this configuration, we are using Active Directory as an authentication
oracle, and not as an LDAP database."
So it seems that you will not get any attributes back from AD. If your NAS
expects the Service-Type attribute you would have to add it on the fly from
your FreeRADIUS configuration.
Greetings,
--
Dr. Michael Schwartzkopff
Guardinistr. 63
81375 München
Tel: (0163) 172 50 98
Fax: (089) 620 304 13
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121009/8dd1899f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121009/8dd1899f/attachment-0001.pgp>
More information about the Freeradius-Users
mailing list