'Re: LDAP + Freeradius + Samba'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-technical
Subject:    Re: LDAP + Freeradius + Samba
From:       Andreas Rudat <rudat () endstelle ! de>
Date:       2011-10-28 10:04:33
Message-ID: 4EAA7E31.2000702 () endstelle ! de
[Download RAW message or body]


Am 28.10.2011 09:44, schrieb Stewart Walters:
> On any given Linux system (assuming that's what your using), NSS and PAM do all the \
> authentication. 
> In terms of client tools, they link to (and therefore leverage) NSS and PAM, which \
> OpemLDAP plugs in to. 
> It's often irrelevant if you use ntlm_pam, mschap, samba+winbind, pam_ldap, \
> freeradius, Authz or any other client tool. They all link back to NSS and PAM, \
> which when configured correctly plugs in to OpenLDAP. 
> Stewart

Ok thanks but if I don't missunderstand the documentation, then it only
works with clear passwords? But is it save enough then? Because peap
isn't supported then, too.

Andreas

> 
> On 28/10/2011, at 2:49 PM, Andreas Rudat <rudat(a)endstelle.de> wrote:
> 
> > Am 28.10.2011 04:28, schrieb Stewart Walters:
> > > Freeradius already supports posixAccount attributes for LDAP account \
> > > authentication - check the Freeradius website for a howto. 
> > > Freeradius and OpenLDAP also supports the storing of 802.1x attributes using \
> > > the RADIUS schema. 
> > > There are numerous howto's available on the web for how to implement either.
> > > 
> > > 
> > > 
> > > 
> > > On 28/10/2011, at 3:28 AM, Andreas Rudat <rudat(a)endstelle.de> wrote:
> > > 
> > > > Hello,
> > > > 
> > > > I got openldap running as user db for samba, now I want to use it also
> > > > as database for radius, I think it should be possible to use it without
> > > > big modifications or?
> > > > 
> > > > Thanks
> > > > 
> > ok thanks, I will look. Another question is, does I need any other
> > client tools for  windows/linux? At the moment I'm using ntlm_auth + mschap
> > 
> > Andreas
> > 
> > -- 
> > 
> > -----BEGIN PGP PUBLIC KEY BLOCK-----
> > Version: GnuPG v2.0.17 (MingW32)
> > 
> > mQGNBE6jHfABDACyzFkn6k+OtbRANjKZ6NEQOxnnsBSBSs6sT9EBF0U3MnnYW3/p
> > YTW+7aUa/1FZTOWt9wb9H7t0SOqpgqUBmRo/sPteepXblnDaGEh8tzIWfaC9MKc1
> > QobU5zK9KcDKrs3SyGXEPOOQM8QdtE8KfSJFdUxfanFJUbfTbxq5Gqz1eaU4cWxp
> > gR6GeVYnd11J8AdDDwkjPjx4ZJ5guZ+D646Qi3CT7KT6y8sXVPwpNA3CvGweYX0r
> > STKyBf+nlQtOtByrgZW7BiSAxilYUL4mGE4KmuYAadJ+O6X7NOtz3OQaWgSGjqxH
> > YxDu6orTzL4/csjoVXS9dgeGkhLJgAg72a2yxA4tx/8IXrGp3JVGYGEY2kYcq3k9
> > jq5hJezoy6s1N//mgm5KaB84zrU5cUcu8kXDppmnp7eXUPnBqj2g2O82buBNa48S
> > wAtnbY4K5fbcnog8g6ouYXpAJo9yHcj+wraQ8+TNFx5nbkg3fZKuf3UeyL3dPKXf
> > wsKehnZ3Ipqkb08AEQEAAbQiQW5kcmVhcyBSdWRhdCA8cnVkYXRAZW5kc3RlbGxl
> > LmRlPokBuAQTAQIAIgUCTqMd8AIbDwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
> > CgkQBw5gh+kRIv+yGQv5AQCRZt8wR2McgsTurZEZXz5UpxEPZB/dA/iXtPzZXJih
> > XLRZFqcdT+c8DCLbhXjO5aLndOCIDwWmsnqX2fuGAjlM4GJAAUEARSNtWY7V+rUt
> > PhdOz/flCZo/+p7wBi0XOJcWhysS7DV/ssSYdnuJvONUBXCQ/MpJsVXuKdgPa9IR
> > hvi37Ang1Cxb7htKHIuA4wCuqz1/4VGNez/65qwjuYakbB4/rXkKWb17XqCZrtoo
> > YiQSxPU7fP5lM4ybQXxP1qrptmaF9EqGTnj/xAU3tCE+PhB3baoVw6VG9nr9xYwh
> > bqCGtTbtrkmYlgioC2fFHDgg3U1GVBIbi0AoddXSs5OekgSvt827OcyWVSyjobyn
> > tH4/jwb8X8iOM/x8RZhzwKhpHA0k7ltTm7qXApARcL1tV6y4GIKwuy1RLZqkpNh1
> > teqYaxAKlxC77s6gftxqr7G6NCssgCCy2Y50LSvcQbZDPZeBdrPoGI/xAWNy4Otv
> > 33k4P9hxJKHNqLYJN+Gn
> > =UaS9
> > -----END PGP PUBLIC KEY BLOCK-----
> > 


-- 

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (MingW32)

mQGNBE6jHfABDACyzFkn6k+OtbRANjKZ6NEQOxnnsBSBSs6sT9EBF0U3MnnYW3/p
YTW+7aUa/1FZTOWt9wb9H7t0SOqpgqUBmRo/sPteepXblnDaGEh8tzIWfaC9MKc1
QobU5zK9KcDKrs3SyGXEPOOQM8QdtE8KfSJFdUxfanFJUbfTbxq5Gqz1eaU4cWxp
gR6GeVYnd11J8AdDDwkjPjx4ZJ5guZ+D646Qi3CT7KT6y8sXVPwpNA3CvGweYX0r
STKyBf+nlQtOtByrgZW7BiSAxilYUL4mGE4KmuYAadJ+O6X7NOtz3OQaWgSGjqxH
YxDu6orTzL4/csjoVXS9dgeGkhLJgAg72a2yxA4tx/8IXrGp3JVGYGEY2kYcq3k9
jq5hJezoy6s1N//mgm5KaB84zrU5cUcu8kXDppmnp7eXUPnBqj2g2O82buBNa48S
wAtnbY4K5fbcnog8g6ouYXpAJo9yHcj+wraQ8+TNFx5nbkg3fZKuf3UeyL3dPKXf
wsKehnZ3Ipqkb08AEQEAAbQiQW5kcmVhcyBSdWRhdCA8cnVkYXRAZW5kc3RlbGxl
LmRlPokBuAQTAQIAIgUCTqMd8AIbDwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
CgkQBw5gh+kRIv+yGQv5AQCRZt8wR2McgsTurZEZXz5UpxEPZB/dA/iXtPzZXJih
XLRZFqcdT+c8DCLbhXjO5aLndOCIDwWmsnqX2fuGAjlM4GJAAUEARSNtWY7V+rUt
PhdOz/flCZo/+p7wBi0XOJcWhysS7DV/ssSYdnuJvONUBXCQ/MpJsVXuKdgPa9IR
hvi37Ang1Cxb7htKHIuA4wCuqz1/4VGNez/65qwjuYakbB4/rXkKWb17XqCZrtoo
YiQSxPU7fP5lM4ybQXxP1qrptmaF9EqGTnj/xAU3tCE+PhB3baoVw6VG9nr9xYwh
bqCGtTbtrkmYlgioC2fFHDgg3U1GVBIbi0AoddXSs5OekgSvt827OcyWVSyjobyn
tH4/jwb8X8iOM/x8RZhzwKhpHA0k7ltTm7qXApARcL1tV6y4GIKwuy1RLZqkpNh1
teqYaxAKlxC77s6gftxqr7G6NCssgCCy2Y50LSvcQbZDPZeBdrPoGI/xAWNy4Otv
33k4P9hxJKHNqLYJN+Gn
=UaS9
-----END PGP PUBLIC KEY BLOCK-----



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic