Hi, I thought the whole meaning of binding a freeRadius to an Active Directory is that I have from now on just to configure Users in the AD. So every device I want to authenticate on asks the FR which then asks the AD. So the AD will answer if the User is valid and which Service-Type he has. On my AD Server I installed the Role NPS, configured a RADIUS-Client and some Network Policies. Maybe I am on the right way, maybe not... :-( The AD succesfully tells the FR if the user is valid, just that Service-Type is missing.
Martin >Hi, >> Now I am having the problem that the devices I want to authenticate are >> requesting the Service-Type(Attribute 6). Do you have any idea how to set >> the Service-Type in Active Directory for each user? Is that even possible >> or do I have to configure the users file for each user and his >> corresponding Service-Type? >service-type will have come from the NAS - if you are running FR with standard >dictionaries then you would see what type of service-type is coming in eg login >or authenticate-only. if you want to use policies then you can define those in >eg users file, get them via LDAP (authorize), or in SQL etc. >alan DISCLAIMER: Privileged and/or Confidential information may be contained in this message. If you are not the addressee of this message, you may not copy, use or deliver this message to anyone. In such event, you should destroy the message and kindly notify the sender by reply e-mail. It is understood that opinions or conclusions that do not relate to the official business of the company are neither given nor endorsed by the company. Thank You.
<<inline: graycol.gif>>
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
