FR + LDAP + ADS 2003 password questions
Jacob Jarick
mem.namefix at gmail.com
Mon Apr 23 14:34:00 CEST 2007
Sorry to pester u Alan :P
Does mschapv2 also support ntlm_auth ?
and now that I understand your tables (well I think) I should be able
to persuade my employer to use ntlm and firewall the the samba ports.
On 4/23/07, Alan DeKok <aland at deployingradius.com> wrote:
> Jacob Jarick wrote:
> > Is it true that the only way to authenticate against active directory
> > is using ntlm_auth ?
>
> For ms-chap, yes.
>
> > I have been specifically asked not to use the ntlm_auth method against
> > AD out of security cocerns from having samba installed. I cant see the
> > risk of having samba installed myself if no directorys are being
> > shared (please correct me if Im wrong).
>
> Yes. You can also put firewall rules in place to block any traffic to
> the Samba machine.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list