As far as I understand from reading the documentation and forum – yes it can.
How to do it?
my domain: pvk.local, domain controller is pk.pvk.local (192.168.0.1), which is also DNS and KDC.
What I do: I create a new profile in zeroshell: in the field “Hostname” – “zeroshell.pvk.local”, in the field “Kerberos 5 Realm“: “PVK.LOCAL”, field “LDAP Base” – “dc = pvk , dc = local “, other – as I need in my network .. then restart with the activation of a new profile.
Now go to the Kerberos 5 -> Realms. That I must add here? in the list of “Key Distribution Center List” already have a string “PVK.LOCAL (KDC: Local)”, so I “Use the DNS to discovery Realms and KDC servers not configured” put in the position of “Yes”.
now CAPTIVE PORTAL -> Authentication -> Authorized Domains I see a line pvk.local Radius (pap) I click “+” and select where to Domain Name: “pk.pvk.local” type “External Kerberos 5 Realm” -> Save, then the “D“. CAPTIVE PORTAL -> Gateway -> GW Active on: ETH00. (Activate checkbox).
Now entering only by password. but accepts only the user password admin.
what I’m doing right and what is wrong?
How to make user authentication by AD? should I configure/register (add) something to AD?