Active Directory as a user store

Although Microsoft Active Directory includes an LDAP server, using LDAP excludes MS-CHAP authentication. The use of Active Directory as a user store enables the use of PAP and MS-CHAP authentication.

Configuring FreeRADIUS to use Active Directory as a user store consists of two main activities:

Configure a Samba server and join it to an Active Directory domain.
Configure FreeRADIUS to call the ntlm_auth binary to authenticate a user.

Samba is the standard Windows interoperability suite of programs for Linux and UNIX. It is a very mature project, which is in active development (http://www.samba.org/).

In this exercise we will join a Samba server to an Active Directory domain. This Samba server will appear as another ...

Get FreeRADIUS Beginner's Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

FreeRADIUS Beginner's Guide by Dirk van der Walt

Active Directory as a user store

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly