Freeradius Multiple Disjoint Ad Domains
Arnab Roy
arnabroy at mail.com
Mon May 22 13:54:30 CEST 2017
Hi Herwin,
Thanks your response. Yes I have been using the --configfile option and
it looks like it ignores the options for the socket dir and priv dir
directives in the config file. Creating additional VM's isnt under my
control unfortunately and it sounds like a huge waste of resource to me
:(
Any chance I can simply recompile the NTLM auth binary and specify a
different winbind sockets ?
I know again this should be a question the guys at Samba should be
responding but nobody responds their ..
Many Thanks
Arnab
Sent: Monday, May 22, 2017 at 12:41 PM
From: "Herwin Weststrate" <herwin at quarantainenet.nl>
To: freeradius-users at lists.freeradius.org
Subject: Re: Freeradius Multiple Disjoint Ad Domains
On 22-05-17 13:27, Arnab Roy wrote:
> I have been able to get multiple instances of winbindd running with
> separate smb.conf's and joined to the respective AD domains.
>
> The problem seems to be ntlm_auth doesnt see that the winbindd
> privileged pipe and winbindd socket is running in a custom directory.
Have you tried this argument for ntlm_auth?
--configfile=<configuration file>
The file specified contains the configuration details
required by the server. The information in this file includes
server-specific information such as what printcap file to use, as well
as
descriptions of all the services that the server is to
provide. See smb.conf for more information. The default configuration
file name is determined at compile time.
And another solution: is it possible to create two VMs for the samba
servers, both running a freeradius instance. The current freeradius
instance could act as a proxy (assuming you could select the correct
radius server based on a realm).
--
Herwin Weststrate
-
List info/subscribe/unsubscribe? See
[1]http://www.freeradius.org/list/users.html
References
1. http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list