Mathieu Simon wrote: > As short question since Tyler was asking for AD as backend - which I > have read (so far) > can't use the LDAP module since AD stores ntlm hashes - at least not > for authentication.
You can't use AD as an LDAP module for *authentication*. > But then for LDAP groups how is that supposed to be done when using > Samba/Winbind/ntlm_auth? You configure AD as an LDAP server. And *don't* use it for authentication. > Can I use LDAP groups for authorization (interestingly something I've > not really found covered online or in FreeRADIUS books I've had at > hand). Yes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
