freeradius winbind and require-membership-of

Fri Dec 8 12:31:44 CET 2017

Hi,

I used to specify an AD group with a command such as:

/usr/bin/ntlm_auth --request-nt-key  --username=%{Stripped-User-Name:-%{User-Name:-None}} --domain=DOMAIN --require-membership-of=DOMAIN\\ALLOWED_GROUP --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}

I'm now using winbind with freeradius.
mods-available/mschap:
winbind_username = "%{mschap:User-Name}"
winbind_domain = "%{mschap:NT-Domain}"

Is there a require-membership-of alternative for winbind?

Thanks,

Vieri