Hello Neil, On Friday 01 October 2010 12:15:43 am Johnson, Neil M wrote: > No, I'm running it on a member server. > > Our AD administrators are very reluctant to run applications on PDC's and > BDC's. I can ask but I don't think I will get permission. > > Will it work on a BDC ? > > If not, do I have any other options ? Currently I'm using Radiator to proxy > 802.1X requests to Juniper Steel-Belted Radius in order to re-write VLAN > attributes. I was kind of hoping to eliminate SBR in part to simplify > support for Eduroam.
Tests here show that it works OK on any domain member provided that the user who is running the script is logged in to the domain. Cheers. > > Thanks. > > -Neil > > -- > Neil Johnson > Network Engineer > Information Technology Services > The University of Iowa > Work: 319 384-0938 > Mobile: 319 540-2081 > Fax: 319 355-2618 > E-mail: [email protected] > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On > Behalf Of Mike McCauley Sent: Wednesday, September 29, 2010 9:22 PM > To: [email protected] > Subject: Re: [RADIATOR] Authby LSA and groups not working (redux) > > Hello Neil, > > tests here show that your script (suitably modified) works provided you run > it on the PDC as the administrator. > > Is that how you are testing? > > Cheers. > > On Thursday 30 September 2010 03:18:24 am Johnson, Neil M wrote: > > I whipped up a script based on what I could find in the source code to > > test group membership and it doesn't seem to matter if the group is local > > or global, it can't find it: > > > > #!c:\perl64\bin\perl.exe > > > > use strict; > > use Win32::NetAdmin; > > > > my $User = "nmjoo"; > > my $Group = "ITS-WIRELESS"; > > my $Domain = "IOWA"; > > my $Server = ""; > > > > print "Getting Domain Controller\n"; > > Win32::NetAdmin::GetDomainController ("", $Domain, $Server); > > print "Domain Controller for Domain $Domain is $Server\n"; > > > > print "Checking to see if user: $User is member of Group: $Group\n"; > > if ( Win32::NetAdmin::GroupIsMember($Server, $Group, $User) > > > > || Win32::NetAdmin::LocalGroupIsMember($Server, $Group, > > || $User)) { > > > > print "$User is Member of group $Group"; > > } > > else { > > print "$User is not Member of group $Group"; > > } > > > > Output: > > > > C:\Program Files\Radiator>test2.pl > > Getting Domain Controller > > Domain Controller for Domain IOWA is \\IOWADC1 > > Checking to see if user: nmjoo is member of Group: ITS-WIRELESS > > nmjoo is not Member of group ITS-WIRELESS > > C:\Program Files\Radiator> > > -- > > Neil Johnson > > Network Engineer > > Information Technology Services > > The University of Iowa > > Work: 319 384-0938 > > Mobile: 319 540-2081 > > Fax: 319 355-2618 > > E-mail: [email protected] -- Mike McCauley [email protected] Open System Consultants Pty. Ltd 9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au Phone +61 7 5598-7474 Fax +61 7 5598-7070 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
