LDAP Groups + SQL Authorization

2010-03-22 Thread Mike Loosbrock
that attribute in an authorization query (at least in any sort of useful manner). One work-around is to periodically export the AD group membership data and rebuild the usergroup table from it. I'd really like to avoid this approach if at all possible. -- Mike Loosbrock Bethel University Network

Re: LDAP Groups + SQL Authorization

2010-03-22 Thread Mike Loosbrock
Excerpts from Alan DeKok's message of Mon Mar 22 11:48:40 -0500 2010: Mike Loosbrock wrote: I thought about getting the user's groups by fetching the multi- valued 'memberOf' attribute from AD and then copying it to the control list via ldap.attrmap. But I don't see any way to then make

Re: Windows XP hangs forever during PEAP auth on freeradius withwinbind/AD backend

2009-04-08 Thread Mike Loosbrock
? Mike Loosbrock Bethel University Network Services 651-638-6723 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Windows XP hangs forever during PEAP auth on freeradius withwinbind/AD backend

2009-04-08 Thread Mike Loosbrock
On Apr 8, 2009, at 10:07 AM, Mike Loosbrock wrote: We run Debian, and we currently have our samba packages pinned at version 2:3.0.30-3 due to this issue: http://lists.freeradius.org/pipermail/freeradius-users/2009-February/msg00289.html List, I'd be willing to report this bug to the Samba

Re: Windows XP hangs forever during PEAP auth on freeradius withwinbind/AD backend

2009-04-08 Thread Mike Loosbrock
system to work around this issue. I'd be interested to know what you ended up doing. Just add the freerad user to the winbindd_priv group. Mike Loosbrock Bethel University Network Services 651-638-6723 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: FreeRADIUS and Active Directory

2009-02-20 Thread Mike Loosbrock
-Domain}'. Mike Loosbrock Bethel University Network Services 651-638-6723 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: FreeRADIUS and Active Directory

2009-02-19 Thread Mike Loosbrock
and password (and domain if any)' Mike Loosbrock Bethel University Network Services 651-638-6723 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Freeradius2.1.3 + Fedora9 + PEAP + AD = problem

2009-02-13 Thread Mike Loosbrock
) to bail. There's apparently something wrong with the NT_KEY returned by ntlm_auth... Mike Loosbrock Bethel University Network Services 651-638-6723 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: PEAP/MS-CHAPv2 for some, Kerberos (or PAM) for others...

2009-02-12 Thread Mike Loosbrock
(such as files or eap) set Auth-Type. See 'man unlang' for more details. Mike Loosbrock Bethel University Network Services 651-638-6723 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Copying Attributes Between Proxy-Reply and Reply Messages

2009-01-27 Thread Mike Loosbrock
ID 27 with timestamp +3 Ready to process requests. ### END DEBUG OUTPUT ### Mike Loosbrock Bethel University Network Services 651-638-6723 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html