[Samba] Samba and Freeradius...
Marco Gaiarin
gaio at sv.lnf.it
Thu Oct 11 10:35:09 UTC 2018
Sorry, i came back with another little note. For LDAP access seems
that, instead of specifying user/dn and password SASL/Kerberos can be
used.
Config file (/etc/freeradius/3.0/mods-available/ldap) say:
#
# SASL parameters to use for admin binds
#
# When we're prompted by the SASL library, these control
# the responses given, as well as the identity and password
# directives above.
#
# If any directive is commented out, a NULL response will be
# provided to cyrus-sasl.
#
# Unfortunately the only way to control Keberos here is through
# environmental variables, as cyrus-sasl provides no API to
# set the krb5 config directly.
#
# Full documentation for MIT krb5 can be found here:
#
# http://web.mit.edu/kerberos/krb5-devel/doc/admin/env_variables.html
#
# At a minimum you probably want to set KRB5_CLIENT_KTNAME.
#
sasl {
# SASL mechanism
# mech = 'PLAIN'
# SASL authorisation identity to proxy.
# proxy = 'autz_id'
# SASL realm. Used for kerberos.
# realm = 'AD.FVG.LNF.IT'
}
Someone have used it? Have some configuration examples to share?
Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list