Can Freeradius integrated with AD cache WPA Enterprise logins?

Alan DeKok aland at deployingradius.com
Mon Mar 18 15:47:39 CET 2019


On Mar 18, 2019, at 10:41 AM, yuryb <yuryb at ukr.net> wrote:
> There are two offices: main and remote. At the main office, workstations are connected to the corporate wi-fi network in the WPA-Enterprise mode. They use their computer accounts to authenticate themselves. Now I want to make the same scheme in a remote office. But there is no domain controller there, and the problem is that sometimes electricity or the Internet is lost in the main office, and Active Directory becomes temporarily unavailable, which means that computers cannot connect to the Wi-Fi network.
> On the other hand, in the remote office there is a Linux server on which I can install FreeRadius to integrate it with Active Directory. But will this solve the problem? Is it possible to configure FreeRadius so that in the event of a domain controller being unavailable, clients at a remote office can connect to the Wi-Fi network using their computer accounts (something like a cache)?

  No.

  All of that caching is done in Active Directory.  You will need to install an AD replica in the local office.

  Alan DeKok.





More information about the Freeradius-Users mailing list