Check out the command options of ntlm_auth: --require-membership-of. If group name doesn't work, try the SID of the group.
G ________________________________ From: freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org [mailto:freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org] On Behalf Of Eric Lovrien Sent: Tuesday, May 31, 2011 2:27 PM To: [email protected] Subject: FreeRadius with Active DIR - Access by being in a group in active dir I have gotten freeradius up and going and authenicating to Active directory by using the following how to: http://deployingradius.com/documents/configuration/active_directory.html. I am using ntlm_auth to authenicate the users agaist Active Directory. The question i have is, is there a way I can create a group in Active Directory and have only users in that group have access to authenicate? Basically what I am doing or trying to do is use freeradius to authenicate users for wireless access. I don't want every one to have access that is in Active Dir. I would like to create a group called wifi or something similar and put users in that group that are allowed to authnicate. Is this possible using ntlm_auth and if so could some one point me in the direction on getting this set up. Thanks in advance! Eric <font size="1"> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'> </div> "This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system." </font>
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
