Active Directory authenticated VPN
Alan DeKok
aland at deployingradius.com
Wed May 5 21:48:09 CEST 2021
On May 5, 2021, at 3:42 PM, Michael Ströder via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> On 5/5/21 4:43 PM, Alan DeKok wrote:
>> So far as I know, the OpenLDAP client library doesn't support GSSAPI.
>
> Not true.
>
> It depends on whether it was built with Kerberos support (using MIT
> Kerberos or heimdal libs). I guess on most Linux systems libldap has
> SASL/GSSAPI support.
The LDAP module already has a "sasl { .. .}" section. But anything GSSAPI is either unsupported, or is some magic part of sasl which I choose to ignore, because it's too complex. :)
Alan DeKok.
More information about the Freeradius-Users
mailing list