AD Authentication Permissions

Mathieu Simon mathieu.sim at
Sat Jan 5 14:31:33 CET 2013

G'day Alan(s)

2013/1/5  <A.L.M.Buxey at>:

> huh? this wasnt about authentication, it was about authorization - ie
> passing back details about what a user can do on some kit - that works fine
> 100% fine with LDAP and AD

Thank you both for pointing in the correct directions by pointing me
back at authentication != authorization thing.
I'm messing around with configurations files - yes I agree to be a
beginner even after some time
wrestling with FreeRADIUS now. ;-)

The thing I did here in mytest env wasn't actually doing
authorization, but "kind of" authentication
restriction, via ntlm_auth's "--require-membership-of" parameter
during auhtentication phase.

Thanks you guys!

-- Mathieu

More information about the Freeradius-Users mailing list