Freeradius 2.1.12 Second LDAP Server

Mathieu Simon mathieu.sim at
Sat Sep 14 09:35:43 CEST 2013


While I generally chime in with Alan's later message, one important you
should start reading about and differentiating
is Authentication and Authorization (the later is Accounting of AAA with

While you can do Authorization using LDAP with AD, you can't do the
Authentication part using LDAP against AD.
Using Samba and ntlm_auth is the way to go, that due to to how AD stores

Read, specially the compatibility matrix and
"Authentication Systems and Password Compatibility".

You may do LDAP load balancing on the authorization part, but ntlm_auth and
balancing / failover is done by Samba.
Otherwise if you want to go deeper, get a RADIUS book :-) I can confirm
that the initial curve may be a bit steep if you
haven't done any RADIUS before, but it's well worth since it gets you
better overall understanding  on AAA and RADIUS, that will
definitely help if something goes belly up.

-- Mathieu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list