AW: differentiate authoriztion/ authentication in separate ldap modules
Tobias.Hachmer at stadt-frankfurt.de
Wed Sep 4 07:54:55 CEST 2013
>>Hachmer, Tobias wrote:
>> - Rewrite DN?
> You can rewrite the DN. That's why it's editable, as the LDAP-UserDn attribute.
How can I do this and how "magic" could I rewrite the DN?
The local ldap DIT and the AD DIT are totally different (different OU structure). It is much more than rewrite the base DN.
When there's no way to determine the DN in AD DIT again I think I can achieve this more easy using ntlm_auth because I just want to check the password against AD, am I right?
More information about the Freeradius-Users