Brocade attribute with AD
Alan DeKok
aland at deployingradius.com
Thu Apr 30 00:00:06 CEST 2020
On Apr 29, 2020, at 5:06 PM, Luke Smith <LukeS at coloradovalley.com> wrote:
>
> I'm curious to see if anyone using freeradius with Brocade and Active Directory and how they are successfully getting logins to work.
Brocade should just use standard RADIUS attributes. If it doesn't, it's very broken.
> I know that I need to add the attribute brocade-admin and I've got that configured on my AD and propagated but when I go to the Brocade/Extreme device I login with the AD credentials but the attribute doesn't get passed along.
What does that mean?
Hint: there is something called DEBUG MODE.
It also helps to explain what you did: http://wiki.freeradius.org/list-help
"I did stuff and it didn't work" is a bad question.
> If I edit my client.conf file I can make a local username work just fine, but I don't want to manage user accounts out of freeradius, I want that managed by AD. Anyone have any insight? Thanks in advance!
Local users aren't defined in clients.conf.
You should be able to configure AD as an authentication source for FreeRADIUS. The server has pretty good documentation for how to do this. See mods-available/ldap, especially in 3.0.20+
You can also map AD attributes to RADIUS attributes. Again, this is documented with examples in mods-available/ldap.
Alan DeKok.
More information about the Freeradius-Users
mailing list