[Samba] Samba and Freeradius...

[Marco Gaiarin]

Sorry, i came back with another little note. For LDAP access seems
that, instead of specifying user/dn and password SASL/Kerberos can be
used.

Config file (/etc/freeradius/3.0/mods-available/ldap) say:

        #
        #  SASL parameters to use for admin binds
        #
        #  When we're prompted by the SASL library, these control
        #  the responses given, as well as the identity and password
        #  directives above.
        #
        #  If any directive is commented out, a NULL response will be
        #  provided to cyrus-sasl.
        #
        #  Unfortunately the only way to control Keberos here is through
        #  environmental variables, as cyrus-sasl provides no API to
        #  set the krb5 config directly.
        #
        #  Full documentation for MIT krb5 can be found here:
        #
        #       http://web.mit.edu/kerberos/krb5-devel/doc/admin/env_variables.html
        #
        #  At a minimum you probably want to set KRB5_CLIENT_KTNAME.
        #
        sasl {
                # SASL mechanism
#               mech = 'PLAIN'

                # SASL authorisation identity to proxy.
#               proxy = 'autz_id'

                # SASL realm. Used for kerberos.
#               realm = 'AD.FVG.LNF.IT'
        }


Someone have used it? Have some configuration examples to share?


Thanks.

-- 
dott. Marco Gaiarin				        GNUPG Key ID: 240A3D66
  Associazione ``La Nostra Famiglia''          http://www.lanostrafamiglia.it/
  Polo FVG   -   Via della Bontà, 7 - 33078   -   San Vito al Tagliamento (PN)
  marco.gaiarin(at)lanostrafamiglia.it   t +39-0434-842711   f +39-0434-842797

		Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
      http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
	(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)