differentiate authoriztion/ authentication in separate ldap modules

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed Sep 4 09:59:58 CEST 2013

On 4 Sep 2013, at 06:54, "Hachmer, Tobias" <Tobias.Hachmer at stadt-frankfurt.de> wrote:

> Hello Alan,
>>> Hachmer, Tobias wrote:
>>> -       Rewrite DN?
>> You can rewrite the DN.  That's why it's editable, as the LDAP-UserDn attribute.
> How can I do this and how "magic" could I rewrite the DN?
> The local ldap DIT and the AD DIT are totally different (different OU structure). It is much more than rewrite the base DN. 
> When there's no way to determine the DN in AD DIT again I think I can achieve this more easy using ntlm_auth because I just want to check the password against AD, am I right?


update control {

Or the other way around to auth against AD.


Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

More information about the Freeradius-Users mailing list