freeradius integrate to Active Directory
Matthew Newton
mcn4 at leicester.ac.uk
Fri Apr 15 12:54:09 CEST 2016
On Fri, Apr 15, 2016 at 03:08:29PM +0800, elmerhe via Freeradius-Users wrote:
> In order to integrate to Active Directory, We have been using
> samba utils winbindd/net/ntlm_auth to integrate to Active
> Directory. Is there any other way to do integration?
Not really, no.
Usual solution which works is talk to AD via ntlm_auth to Samba.
New solution which should work a bit faster talks to AD with
libwbclient via Samba.
If you're running NPS you might be able to proxy to NPS rather
than use Samba.
If you're only doing PAP or EAP-TTLS/PAP then you might be able to
auth with LDAP.
The latter two are fairly uncommon...
> Can you give me some advice?
Stick with ntlm_auth and Samba, or try out libwbclient if you're
using Samba newer than 4.2.1 and FreeRADIUS > v3.0.8.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list