freeradius winbind and require-membership-of
Matthew Newton
mcn at freeradius.org
Fri Dec 8 12:37:21 CET 2017
On Fri, 2017-12-08 at 11:31 +0000, Vieri via Freeradius-Users wrote:
> I used to specify an AD group with a command such as:
>
> /usr/bin/ntlm_auth --request-nt-key --username=%{Stripped-User-
> Name:-%{User-Name:-None}} --domain=DOMAIN --require-membership-
> of=DOMAIN\\ALLOWED_GROUP --challenge=%{mschap:Challenge:-00} --nt-
> response=%{mschap:NT-Response:-00}
>
> I'm now using winbind with freeradius.
> mods-available/mschap:
> winbind_username = "%{mschap:User-Name}"
> winbind_domain = "%{mschap:NT-Domain}"
>
> Is there a require-membership-of alternative for winbind?
No, you need to use LDAP (which is more flexible and less likely to
have issues anyway).
--
Matthew
More information about the Freeradius-Users
mailing list