RE: freeRADIUS+samba3.0.1+AD(multiple domains)
Great news! We are using krb5-1.3.2 and samba-3.0.1. These 2 version support multiple domains? Can you give me some example about how to configure krb5.conf and smb.comf? Thanks. John Joe Vieira [EMAIL PROTECTED] 写道: But there are multiple domains in active-directory. How to configure freeRADIUS or samba can let it support multiple domains? FreeRADIUS just used Samba to do authentication with AD. The winbind ntlm_auth API used in Samba cannot authenticate to multiple domains. that's not entirely true, you can (and i do) get samba to auth to multiple domains. the domains either need to be in the same forest,and or have full trusts back and forth. (i also found that adding them each to your kerberos config helps) basically you join to one of them and you should be able to enumerate all the users from both thru winbind or getent... Joe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - 雅虎邮箱传递新年祝福,个性贺卡送亲朋! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeRADIUS+samba3.0.1+AD(multiple domains)
Hangjun He wrote: But there are multiple domains in active-directory. How to configure freeRADIUS or samba can let it support multiple domains? FreeRADIUS just used Samba to do authentication with AD. The winbind ntlm_auth API used in Samba cannot authenticate to multiple domains. People have done this by writing wrapper scripts to start/stop the Samba processes for each authentication request, but that's a very bad hack. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: freeRADIUS+samba3.0.1+AD(multiple domains)
But there are multiple domains in active-directory. How to configure freeRADIUS or samba can let it support multiple domains? FreeRADIUS just used Samba to do authentication with AD. The winbind ntlm_auth API used in Samba cannot authenticate to multiple domains. that's not entirely true, you can (and i do) get samba to auth to multiple domains. the domains either need to be in the same forest,and or have full trusts back and forth. (i also found that adding them each to your kerberos config helps) basically you join to one of them and you should be able to enumerate all the users from both thru winbind or getent... Joe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeRADIUS+samba3.0.1+AD(multiple domains)
Hi, We are using freeRADIUS 1.1.6. and samba 3.0.1 talk to active-directory. Followed by: http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO Now it can work. But there are multiple domains in active-directory. How to configure freeRADIUS or samba can let it support multiple domains? Thanks. John - 雅虎邮箱传递新年祝福,个性贺卡送亲朋! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
