On Thu, Feb 02, 2012 at 06:33:19PM +0100, NdK wrote:
> I'm trying (with no luck :( ) to use
> /usr/bin/net ads search -P "(mail=%{User-Name})" sAMAccountName|grep
> sAMAccountName|sed "s/^[^ ]* //"
> (maybe it's possible to do the same without using grep and sed, but it's
> been just a quick test -- suggestions welcome).Have you tried ldapsearch? Might be more flexible. > A limit of net ads search is that it searches only the default (joined) > domain, unless you specify another domain controller with -S or -I -- I > could easily do that based on the mail domain but in others setups it > could be harder. I'm rather guessing here, but I wonder if LDAP searching the AD global catalogue (ports 3268/3269) would make this work with one search? But that's not really a FreeRADIUS issue. You'd probably be better finding a samba or AD list. Matthew -- Matthew Newton, Ph.D. <m...@le.ac.uk> Systems Architect (UNIX and Networks), Network Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ith...@le.ac.uk> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
