Authenticating against Win2k8r2 without ntlm_auth

Fajar A. Nugraha list at fajar.net
Sun Apr 24 03:00:44 CEST 2011


On Sun, Apr 24, 2011 at 7:55 AM, Thomas Smith <theitsmith at gmail.com> wrote:
> On Sat, Apr 23, 2011 at 5:32 PM, Fajar A. Nugraha <list at fajar.net> wrote:
>> On Sun, Apr 24, 2011 at 6:48 AM, Thomas Smith <theitsmith at gmail.com> wrote:
>>> I use Likewise Enterprise to provide AD integration

>>> So I'm looking at alternate ways of authenticating against Win2k8r2. I
>>> was hoping to get some input from the list regarding this.
>>
>> Why not bypass Likewise?
>>
>> If another windows server is able to join the domain directly, then a
>> Linux machine with samba can surely join the same domain without
>> needing Likewise or some other third-party integration tool.
>
> Yeah, the thought had occurred to me. :-)
>
> This would just mean turning up another server specifically for FR.

That shouldn't be a problem if you use virtualization
(Xen/KVM/Virtualbox/Hyper-V/whatever). A small-medium instance (about
256M memory) should be enough.

> I
> would also loose some of the management capabilities that Likewise
> provides. I was hoping to find another way before resorting to that.

IIRC you can also run IAS/NPS on Windows and setup FR to proxy request there.

-- 
Fajar



More information about the Freeradius-Users mailing list