Freeradius 2.1.12 Second LDAP Server
Mathieu Simon
mathieu.sim at gmail.com
Sat Sep 14 09:35:43 CEST 2013
Hi
While I generally chime in with Alan's later message, one important you
should start reading about and differentiating
is Authentication and Authorization (the later is Accounting of AAA with
RADIUS).
While you can do Authorization using LDAP with AD, you can't do the
Authentication part using LDAP against AD.
Using Samba and ntlm_auth is the way to go, that due to to how AD stores
passwords.
Read deployingradius.com, specially the compatibility matrix and
"Authentication Systems and Password Compatibility".
You may do LDAP load balancing on the authorization part, but ntlm_auth and
balancing / failover is done by Samba.
Otherwise if you want to go deeper, get a RADIUS book :-) I can confirm
that the initial curve may be a bit steep if you
haven't done any RADIUS before, but it's well worth since it gets you
better overall understanding on AAA and RADIUS, that will
definitely help if something goes belly up.
-- Mathieu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130914/c8362e7a/attachment.html>
More information about the Freeradius-Users
mailing list