freeRADIUS -> AD Auth

A.L.M.Buxey at A.L.M.Buxey at
Fri Aug 15 14:53:39 CEST 2014


> > as for permissions...we run radiusd process as 'radiusd' user, so permissions are 
> > radiusd:radiusd for all of the raddb directory, shares, log dirs etc...and radiusd is 
> > in the winbind group so the winbind_privileged directory is okay
> Just FYI - radiusd is not automatically in the winbind (or rather, wbpriv) group, so you can add radiusd to the group with: usermod -a -G wbpriv (or winbind, depending on which group you have).

and why do this? well, the alternative is change permissions on the winbind_privileged directory
to be that of the radiusd group..... which works fine.... until you update SAMBA - at which point 
the directory permissions get blatted and your auths all then fail  ;-)


More information about the Freeradius-Users mailing list