AD Authentication Permissions
Mathieu Simon
mathieu.sim at gmail.com
Sat Jan 5 10:36:40 CET 2013
G'day all
2013/1/5 Alan DeKok <aland at deployingradius.com>:
[snip]
>
> Set up groups in LDAP. See the LDAP / AD documentation.
>
> Then, in FreeRADIUS, check them:
>
> #-- users file
> DEFAULT LDAP-Group == "foo", ...
> ...
>
> #---
(protest if this may sound like hijacking this thread...)
As short question since Tyler was asking for AD as backend - which I
have read (so far)
can't use the LDAP module since AD stores ntlm hashes - at least not
for authentication.
But then for LDAP groups how is that supposed to be done when using
Samba/Winbind/ntlm_auth?
Can I use LDAP groups for authorization (interestingly something I've
not really found covered online or in FreeRADIUS books I've had at
hand).
Best regards
Mathieu
More information about the Freeradius-Users
mailing list