Thanks! > You don't. You do LDAP queries.
So where do I specify them and how should a query look like ? Rutger -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] us.org] On Behalf Of Alan DeKok Sent: Sunday, December 23, 2007 1:03 AM To: FreeRadius users mailing list Subject: Re: freeradius and active directory Rutger Beyen wrote: > If I have to contact the AD with the ldap protocol for the vlan, why can't I > just use that way to verify the user's credentials? AD can verify credentials, if FreeRADIUS sees a clear-text password in the RADIUS request. Otherwise, it's impossible. AD is *not* an LDAP server, even though it appears to be one. > The use Ntlm must be configured in radiusd.conf, but how and were do I > configure the ldap bind to get the users group and define the vlan? You don't. You do LDAP queries. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html