AW: differentiate authoriztion/ authentication in separate ldap modules

Hachmer, Tobias Tobias.Hachmer at stadt-frankfurt.de
Wed Sep 4 07:54:55 CEST 2013


Hello Alan,

>>Hachmer, Tobias wrote:
>> -       Rewrite DN?
>  You can rewrite the DN.  That's why it's editable, as the LDAP-UserDn attribute.

How can I do this and how "magic" could I rewrite the DN?
The local ldap DIT and the AD DIT are totally different (different OU structure). It is much more than rewrite the base DN. 
When there's no way to determine the DN in AD DIT again I think I can achieve this more easy using ntlm_auth because I just want to check the password against AD, am I right?

Kind regards,
Tobias Hachmer


More information about the Freeradius-Users mailing list