> Hi, > I thought the whole meaning of binding a freeRadius to an Active Directory > is that I have from now on just to configure Users in the AD. > So every device I want to authenticate on asks the FR which then asks the > AD. So the AD will answer if the User is valid and which Service-Type he > has. > On my AD Server I installed the Role NPS, configured a RADIUS-Client and > some Network Policies. Maybe I am on the right way, maybe not... :-( > The AD succesfully tells the FR if the user is valid, just that > Service-Type is missing. > > Martin
hi, as stated in the doc on deployingradius: "In this configuration, we are using Active Directory as an authentication oracle, and not as an LDAP database." So it seems that you will not get any attributes back from AD. If your NAS expects the Service-Type attribute you would have to add it on the fly from your FreeRADIUS configuration. Greetings, -- Dr. Michael Schwartzkopff Guardinistr. 63 81375 München Tel: (0163) 172 50 98 Fax: (089) 620 304 13
signature.asc
Description: This is a digitally signed message part.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html