From owner-freebsd-questions@FreeBSD.ORG Wed Aug 3 22:33:37 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2623A16A41F for ; Wed, 3 Aug 2005 22:33:37 +0000 (GMT) (envelope-from jhary@unsane.co.uk) Received: from unsane.co.uk (unsane.co.uk [62.140.220.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3962443D46 for ; Wed, 3 Aug 2005 22:33:36 +0000 (GMT) (envelope-from jhary@unsane.co.uk) Received: from unsane.co.uk (localhost [127.0.0.1]) by unsane.co.uk (8.13.4/8.13.3) with ESMTP id j73MYKNj047850 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 3 Aug 2005 23:34:21 +0100 (BST) (envelope-from jhary@unsane.co.uk) Received: from localhost (jhary@localhost) by unsane.co.uk (8.13.4/8.13.3/Submit) with ESMTP id j73MYJnS047847; Wed, 3 Aug 2005 23:34:20 +0100 (BST) (envelope-from jhary@unsane.co.uk) Date: Wed, 3 Aug 2005 23:34:19 +0100 (BST) From: Vince Hoffman To: "Sean P. Malone" In-Reply-To: <42EFBA35.2060803@udallas.edu> Message-ID: <20050803232734.T47324@unsane.co.uk> References: <42EFBA35.2060803@udallas.edu> MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-839810075-1123108459=:47324" Cc: FreeBSD Questions Subject: Re: pam_radius X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2005 22:33:37 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --0-839810075-1123108459=:47324 Content-Type: TEXT/PLAIN; charset=windows-1252; format=flowed Content-Transfer-Encoding: QUOTED-PRINTABLE On Tue, 2 Aug 2005, Sean P. Malone wrote: > I=92m rolling out a new email system and would love it if I could get tha= t=20 > system to authentic the user off of our existing Active Directory user=20 > database. > > As I understand, the pam_radius module should enable me to achieve the ta= sk.=20 > However, the only instructions that I=92ve been able to find are at: > > https://www.freebsd.uwaterloo.ca/twiki/bin/view/Freebsd/PamRadius?shin=3D= print.patern > > While these are helpful, I=92m still not able to get my BSD system to=20 > authenticate against a MS IAS =96 although the attempts are logged on the= IAS=20 > box without error. > > Does anyone know of a good additional source of information? > I've had it working happily both against freeradius and against an ACE=20 (securid) radius server, never tried with windows, I may have a go=20 tomorrow at work. The only thing I found was for ssh authentication I had to have a user of that name on the freebsd=20 box, for login/telnet I could use the template_user option. I guess thats= =20 something in ssh. Other than that the man pages for pam_radius and radius.conf were enough=20 to get it going. Like I said I'll have a look tomorrow if I get a chance. Vince > Thanks! > > Sean > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" > --0-839810075-1123108459=:47324--