[RADIATOR] AuthBy LDAP2 to AD
hvn at open.com.au
Tue Dec 22 15:08:28 CST 2015
On 12/20/2015 09:49 PM, Hartmaier Alexander wrote:
> @Heikki: could you add a section in the AuthBy LDAP2 which covers the
> topic Microsoft Active Directory?
I've made a ticket for this including these:
- Global catalog ports
- ServerChecksPassword - can't get user credentials from AD
- AttrsWithBaseScope - for AD constructed attributes e.g., tokenGroups
for getting group and nested group membership information
- Differences with non-AD LDAP servers - anything else than the above?
One thing I'd like to ask you about Global Catalog: If the Base DN is
not empty, does it affect the search results? You wrote that it should
be left empty, however, I so far I have thought it's fine to specify a
See for example this doc, and search for 'non-instantiated'. As I
understand it, it says base DN that is empty or anything else is fine.
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
More information about the radiator