We have on site a Windows 2008 RC2 domain controller ( 64-bit ) which I have a linux based freeradius server hanging from.

My question is, other than changing the users file on the freeradius server, is there another way of disabling a user from authentication through the radius server but still allow them access via the active directory route.

So for example, a user can log in quite happily on site using their windows machine.

If they go offsite and try authentication via the radius server they will not be allowed.

Does active directory have a flag or something that can be set against the user account to deny access via a radius link.

Thanks

Iain


______________________________________________________
SCRI, Invergowrie, Dundee, DD2 5DA.
The Scottish Crop Research Institute is a charitable company limited by guarantee.
Registered in Scotland No: SC 29367.
Recognised by the Inland Revenue as a Scottish Charity No: SC 006662.


DISCLAIMER:

This email is from the Scottish Crop Research Institute, but the views expressed by the sender are not necessarily the views of SCRI and its subsidiaries. This email and any files transmitted with it are confidential to the intended recipient at the e-mail address to which it has been addressed. It may not be disclosed or used by any other than that addressee.
If you are not the intended recipient you are requested to preserve this confidentiality and you must not use, disclose, copy, print or rely on this e-mail in any way. Please notify postmaster@scri.ac.uk quoting the name of the sender and delete the email from your system.

Although SCRI has taken reasonable precautions to ensure no viruses are present in this email, neither the Institute nor the sender accepts any responsibility for any viruses, and it is your responsibility to scan the email and the attachments (if any).
______________________________________________________