This email has been classified as: NOT PROTECTIVELY MARKED
Hi there,
I'm fairly new to PF and have just set up v6.5.0 on CentOS 7. I have the basics
working on a standalone setup and the next step is to integrate PF into a
Windows domain with the ultimate aim of doing certificate-based authentication
using 802.1X on all wired connections.
My question involves the domain admin level account used for querying AD when
using the built-in FreeRADIUS and authenticating against Active Directory.
The PF Administration Guide states the account must be a domain account,
"Username is the username that will be used for binding to the server. This
account must be a domain administrator."
There are obvious security risks when using domain administrator accounts so I
was hoping to use a non-administrator account. I have other situations where
applications are doing AD lookups and authentication that work ok with
read-only accounts. Why does PF require domain administrator level?
Steve
This email and any files transmitted with it are intended solely for the named
recipient and may contain sensitive, confidential or protectively marked
material up to the central government classification of "RESTRICTED" which must
be handled accordingly. If you have received this e-mail in error, please
immediately notify the sender by e-mail and delete from your system, unless you
are the named recipient (or authorised to receive it for the recipient) you are
not permitted to copy, use, store, publish, disseminate or disclose it to
anyone else.
E-mail transmission cannot be guaranteed to be secure or error-free as it could
be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or
contain viruses and therefore the Council accept no liability for any such
errors or omissions.
Unless explicitly stated otherwise views or opinions expressed in this email
are solely those of the author and do not necessarily represent those of the
Council and are not intended to be legally binding.
All Council network traffic and GCSX traffic may be subject to recording and/or
monitoring in accordance with relevant legislation.
South Tyneside Council, Town Hall & Civic Offices, Westoe Road, South Shields,
Tyne & Wear, NE33 2RL, Tel: 0191 427 1717, Website: www.southtyneside.gov.uk
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
