I want to have samba be the back end provider for authentication to a radius server. I found https://wiki.samba.org/index.php/VPN_Single_SignOn_with_Samba_AD and wanted to see if this is 'current' and works with samba 4.1.8 -- or if anyone is using it. I want to use RADIUS authentication on a firewall and have Samba be the source for the user accounts. I am using a pfsense firewall. Anyone pointers would be greatly appreciated. -- David Bear mobile: (602) 903-6476
On Mon, 2014-06-30 at 19:17 -0700, David Bear wrote:> I want to have samba be the back end provider for authentication to a > radius server. I found > https://wiki.samba.org/index.php/VPN_Single_SignOn_with_Samba_AD > > and wanted to see if this is 'current' and works with samba 4.1.8 -- or if > anyone is using it. > > I want to use RADIUS authentication on a firewall and have Samba be the > source for the user accounts. I am using a pfsense firewall. Anyone > pointers would be greatly appreciated.It looks reasonable to me, but I suggest running radius, ntlm_auth and winbindd on a member server, not on your DC. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
On Tue, Jul 1, 2014 at 7:47 AM, David Bear <dwbear75 at gmail.com> wrote:> I want to have samba be the back end provider for authentication to a > radius server. I found > https://wiki.samba.org/index.php/VPN_Single_SignOn_with_Samba_AD >This would VPN authenticating with a back end AD/DC (Samba4)> and wanted to see if this is 'current' and works with samba 4.1.8 -- or if > anyone is using it.No clue, but should be work.> I want to use RADIUS authentication on a firewall and have Samba be the > source for the user accounts. I am using a pfsense firewall. Anyone > pointers would be greatly appreciated.To the best of my understanding RADIUS authentication is a different authentication ball game which may use AD/DC or LDAP backends for authenticating users. In such a case Samba AD/DC would be the "backend' for your RADIUS server. search keywords "radius server active directory" gives the following which may be what you are looking for. <http://wiki.freeradius.org/guide/FreeRADIUS-Active-Directory-Integration-HOWTO> HTH, -- Arun Khan