FR + LDAP + ADS 2003 password questions
Alan DeKok
aland at deployingradius.com
Mon Apr 23 14:04:34 CEST 2007
Jacob Jarick wrote:
> Is it true that the only way to authenticate against active directory
> is using ntlm_auth ?
For ms-chap, yes.
> I have been specifically asked not to use the ntlm_auth method against
> AD out of security cocerns from having samba installed. I cant see the
> risk of having samba installed myself if no directorys are being
> shared (please correct me if Im wrong).
Yes. You can also put firewall rules in place to block any traffic to
the Samba machine.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list