Dynamic Vlan Assignment Active Directory with winbind EAP-TLS 802.1x
Matthew Newton
mcn at freeradius.org
Wed Aug 15 19:37:29 CEST 2018
On Wed, 2018-08-15 at 17:28 +0000, Kevin Virk wrote:
> I came across this thread in my search for answers
> http://freeradius.1045715.n5.nabble.com/FreeRadius-3-0-11-and-
> Winbind-td5743424.html and it is stating that winbind is not the
> preferred method for dynamic vlan assignment. This thread is about
> two years old so I was hoping if anyone could answer if this was
> still the case.
It's still the same.
> I am using FreeRADIUS Version 2.2.8. As this was what was downloaded
> using the deb package on Ubuntu 16.04.
2.2.8 is obsolete. You should upgrade to 3.0.17. Or at least 2.2.10
(which is still obsolete).
> The setup I am hoping to achieve is EAP-TLS 802.1x that can
> dynamically assign vlans to users based off active directory
> information and has the ability to revoke certs and check active
> directory for disabled accounts and not allow them to auth. Is this
> possible?
Yes.
As you want EAP-TLS you don't need winbind.
Still use LDAP to get data about the user from AD.
--
Matthew
More information about the Freeradius-Users
mailing list