Active Directory authenticated VPN

Alan DeKok aland at
Wed May 5 21:48:09 CEST 2021

On May 5, 2021, at 3:42 PM, Michael Ströder via Freeradius-Users <freeradius-users at> wrote:
> On 5/5/21 4:43 PM, Alan DeKok wrote:
>>  So far as I know, the OpenLDAP client library doesn't support GSSAPI.
> Not true.
> It depends on whether it was built with Kerberos support (using MIT
> Kerberos or heimdal libs). I guess on most Linux systems libldap has
> SASL/GSSAPI support.

  The LDAP module already has a "sasl { .. .}" section.  But anything GSSAPI is either unsupported, or is some magic part of sasl which I choose to ignore, because it's too complex. :)

  Alan DeKok.

More information about the Freeradius-Users mailing list