Freeradius in dmz (not joined to AD) and authorization from AD LDAP

Johnny R vasiana09 at gmail.com
Tue Apr 25 10:02:50 CEST 2017


Hi Chose,

My 2 cents: it is possible through a DMZ pinhole and won't require an AD
joined FreeRadius server, but it is not recommended (PAP/LDAP).

Regards


v4s[at]#unrelated | "sh3ll is just the beginning"



On Tue, Apr 25, 2017 at 10:45 AM, chose <chose at ajetaci.cz> wrote:

>   Good morning,
>   is it able to authorize users from Windows AD LDAP from Freeradius in
> DMZ zone without joining AD (security reasons). I found that there is
> problem with passwords hash, freeradius gets password in mschapv2 ...
>   Thanks for tips and best regards
>   J.Karliak
>
> --
> Ma domena pouziva zabezpeceni a kontrolu SPF (www.openspf.org) a
> DomainKeys/DKIM (s ADSP) a implementaci DMARC. Pokud mate problemy s
> dorucenim emailu, zacnete pouzivat metody overeni puvody emailu
> zminene vyse. Dekuji.
> My domain use SPF (www.openspf.org) and DomainKeys/DKIM (with ADSP)
> policy and implementation of the DMARC. If you've problem with sending
> emails to me, start using email origin methods mentioned above. Thank
> you.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list
> /users.html


More information about the Freeradius-Users mailing list