[RADIATOR] NTLM/Samba Auth and OUs
Ullfig, Roberto Alfredo
rullfig at uic.edu
Wed Jan 4 18:21:58 UTC 2017
Old reply...
...but a Group is not a OU. My tests with using this option with an OU have not worked. Does anyone here know if samba/ntlm_auth can be configured to authenticate only users in a particular OU?
---
Roberto Ullfig - rullfig at uic.edu
Systems Administrator
Enterprise Architecture and Development | ACCC
University of Illinois - Chicago
-----Original Message-----
From: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] On Behalf Of vartiait at open.com.au
Sent: Thursday, May 05, 2016 3:29 AM
To: radiator at open.com.au
Subject: Re: [RADIATOR] NTLM/Samba Auth and OUs
Hello,
On Wednesday, 4 May, 2016 18:05, "Ullfig, Roberto Alfredo" <rullfig at uic.edu> said:
>
> Can Radiator restrict access to an
> OU or can this be done in Samba?
>
ntlm_auth has an optional parameter --require-membership-of={SID|Name}
which could be used to restrict access only for members of certain group.
(ref: https://www.samba.org/samba/docs/man/manpages/ntlm_auth.1.html)
<AuthBy NTLM>
...
NtlmAuthProg /usr/bin/ntlm_auth --helper-protocol=ntlm-server-1 --require-membership-of='WORKGROUP\Domain Users'
...
</AuthBy>
BR
--
Tuure Vartiainen
Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
_______________________________________________
radiator mailing list
radiator at open.com.au
http://www.open.com.au/mailman/listinfo/radiator
More information about the radiator
mailing list