|
|
@ -411,7 +411,11 @@ Now this part is really awful, ugly, nasty, etc. You have been warned…
|
|
|
|
|
|
|
|
|
|
|
|
We will need to get quite creative, since most other people just use either
|
|
|
|
We will need to get quite creative, since most other people just use either
|
|
|
|
ntlm_auth, or LDAP, since the use-case is connecting to a Windows Active
|
|
|
|
ntlm_auth, or LDAP, since the use-case is connecting to a Windows Active
|
|
|
|
Directory. The `wiki page for
|
|
|
|
Directory[^Well, in the end this *will* be connected to an Active Directory,
|
|
|
|
|
|
|
|
but I do not want to try deploying an ad hoc instance of neither LDAP or AD, so
|
|
|
|
|
|
|
|
I stick to hacking Kerberos into my setup. Hopefully, the switch is not too
|
|
|
|
|
|
|
|
hard. (Also, EAP-GSSAPI would be nice, but I am not aware of it being
|
|
|
|
|
|
|
|
implemented.)]. The `wiki page for
|
|
|
|
rlm_krb5 <https://wiki.freeradius.org/modules/Rlm_krb5>`__ is quite unhelpful,
|
|
|
|
rlm_krb5 <https://wiki.freeradius.org/modules/Rlm_krb5>`__ is quite unhelpful,
|
|
|
|
really, and the documentation `at
|
|
|
|
really, and the documentation `at
|
|
|
|
networkradius <https://networkradius.com/doc/3.0.10/raddb/mods-available/krb5.html>`__,
|
|
|
|
networkradius <https://networkradius.com/doc/3.0.10/raddb/mods-available/krb5.html>`__,
|
|
|
|