Then use proxy radius.
Ad for realms, if you need to do realm rewriting, good luck. I tried to to it with the attr_rewrite a while ago, but that did not work well. I'll be trying that again one of these days.
Joe
Heiden, John wrote:
Hi Folks,
I have been using FreeRADIUS for a while now, but with a pretty simple configuration. Now I have been asked to do some more on a different server.
Here's the scoop, I need to have a number of Cisco Access Servers authenticate to a Linux server with FreeRADIUS. The tricks are 1) need to have about 5 different realms, and 2) need to have the FreeRADIUS server mostly just act as a pass through back to an (Micro$oft) Active Directory server which does the real authentication. The FreeRADIUS server would do the accounting as well as preventing mulitple logins.
I am assuming I need to somehow have FreeRADIUS add a realm to the incoming information first, then pass that back to the Active Directory server? Second, what is the best way to authenticate to an AD?
Has anyone done this before? Can anyone point me in the right direction? I have the Hassell book here, but it seems like the book is extremely out of date with FreeRADIUS already, etc. It seems like the book should already have a new edition out.
Anyway, any help or advice would be EXTREMELY appreciated! I need to get a prototype up and running very soon.
Thanks!
John Heiden Network Engineer The University of Toledo Toledo, OH 43606
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
