FreeRadius and Active Directory and SSSD
Alan DeKok
aland at deployingradius.com
Tue May 10 12:42:48 UTC 2022
> On May 10, 2022, at 8:21 AM, White, Daniel E. (GSFC-770.0)[AEGIS] via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>
> Approaching the problem from a different direction:
> Rather than "integrating" FR with Active Directory, could I set it up to use LDAP as the Auth-Type ?
It depends. PAP? Yes. MS-CHAP? No.
The documentation has endless examples of using Samba for AD integration, because in many cases it's required. e.g. for MS-CHAP.
Perhaps instead of asking what's possible, describe what you want to do. We can then say how to do it.
FreeRADIUS can do almost anything. The main limitations are external. i.e. certain EAP methods don't work with Active Directory, or with certain password storage methods.
But if it's possible to do in RADIUS, FreeRADIUS can do it.
Alan DeKok.
More information about the Freeradius-Users
mailing list