On 4 Sep 2013, at 06:54, "Hachmer, Tobias" <[email protected]>
wrote:
> Hello Alan,
>
>>> Hachmer, Tobias wrote:
>>> - Rewrite DN?
>> You can rewrite the DN. That's why it's editable, as the LDAP-UserDn
>> attribute.
>
> How can I do this and how "magic" could I rewrite the DN?
> The local ldap DIT and the AD DIT are totally different (different OU
> structure). It is much more than rewrite the base DN.
> When there's no way to determine the DN in AD DIT again I think I can achieve
> this more easy using ntlm_auth because I just want to check the password
> against AD, am I right?
>
Yes.
update control {
LDAP-BaseDN !* ANY
}
open_ldap.authorize
open_ldap
Or the other way around to auth against AD.
-Arran
Arran Cudbard-Bell <[email protected]>
FreeRADIUS Development Team
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
