Thanks. Glad I didn't get this last night or I wouldn't have slept!!!
I will have multiple access points spread across a large geographic area that will authenticate to a series of Radius servers located in the internal network. Any other suggestions would be appreciated. I've got most of this in my head so I need to do some writing. I'm here for 2 days then vacation. I almost don't want to go because this has been such a frustrating task for me. Thanks again. Any more ideas would be appreciated. Liz M -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Maurizio Cimaschi Sent: Wednesday, August 13, 2008 5:44 PM To: FreeRadius users mailing list Subject: Re: Freeradius in an AD environment on opensuse server Hi Liz, Murray, Elizabeth [DNR] wrote: > We’ve moved from a Novell eDirectory solution to . . . . Active Directory. I'm not an AD expert, but they say ( http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/distrib/dsbg_dat_jhzx.mspx?mfr=true ) that AD is accessible using the LDAPv3 protocol; so it should be possible to use it like any other LDAP server. > Can I set up freeradius to authenticate with ldaps and be secure? What do you mean with "to be secure" ? Do you mean the connection between the radius server and the AD ? Are you familiar with the SCHEMAs used in AD (I'm not, by the way) ? Have you already planned the access rules that you will need on the AD to complete the authentication/authorization procedure ? (These are questions intented for yourself, in the first place). > The > ldap would be Microsoft and is on my domain controller. I have > websites using the ldap process but OR do I have to do that samba thing? First of all, I think that you should take a moment to put down the architecture that you're working with (just to have a complete picture), your goals and the expertise that is available to you and/or your collegues/organization. Then, you can start planning your setup. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
