Again. Now we can get attributes from AD domains using the Global Catalog port
3268.
A new problem: there are 2 same accounts in 2 domains. And we use filter =
"(sAMAccountName=%{mschap:User-Name})". Looks ldapsearch return 2 results from
AD. And freeRADIUS could not handle this now? How should I do to handle this
issue?
John
--- 09年7月27日,周一, Luis Azevedo <labrac...@gmail.com> 写道:
发件人: Luis Azevedo <labrac...@gmail.com>
主题: Re: get attributes from multiple AD domains
收件人: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
日期: 2009年7月27日,周一,下午6:30
Hi,
You need to contact the AD at the Global Catalog port 3268, otherwise it will
return results only for the current AD. Also ensure your AD is a Global Catalog
and the Replication connections are working fine.
Hope it helps,
Luis Azevedo
http://www.braceta.com
On Jul 27, 2009, at 03:27 , John wrote:
I follow up this link to set up freeRADIUS talk to AD,
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
It can work and can get VLAN attribute from AD through LDAP module
(ldap_search).
But we need to support 2 AD domains. NTLM_auth can work in multiple domains.
But we can not get attributes from multiple domains. Anyone can give me some
advice?
Thanks.
John.
好玩贺卡等你发,邮箱贺卡全新上线!-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-----下面为附件内容-----
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
___________________________________________________________
好玩贺卡等你发,邮箱贺卡全新上线!
http://card.mail.cn.yahoo.com/-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
