AD Authentication Permissions

Mathieu Simon mathieu.sim at
Sat Jan 5 10:36:40 CET 2013

G'day all

2013/1/5 Alan DeKok <aland at>:
>   Set up groups in LDAP.  See the LDAP / AD documentation.
>   Then, in FreeRADIUS, check them:
> #-- users file
> DEFAULT LDAP-Group == "foo", ...
>         ...
> #---

(protest if this may sound like hijacking this thread...)
As short question since Tyler was asking for AD as backend - which I
have read (so far)
can't use the LDAP module since AD stores ntlm hashes - at least not
for authentication.

But then for LDAP groups how is that supposed to be done when using
Can I use LDAP groups for authorization (interestingly something I've
not really found covered online or in FreeRADIUS books I've had at

Best regards

More information about the Freeradius-Users mailing list