On Wed, 26 Nov 2008, Doug Hughes wrote: > [EMAIL PROTECTED] wrote: >> I'm looking for a GINA agent that I can install on windows to have it >> authenticate against a radius server that does the challenge/response >> authentication option (which requires asking for the userid, going to the >> radius server to get a challenge, then getting the response from the user) >> >> as I search it seems that the common tool for this was pgina, but the >> author just pronounced it abandonware. >> >> I've got a tool that should work from a token vendor, but they only want to >> support it going to their radius server and I need to have it go against a >> different one. >> >> can anyone give me pointers to such a tool? >> >> David Lang >> > have you considered doing 'normal'* auth to a linux/unix box and then > translating that to a radius auth using PAM? > > * where normal can be of a variety of other supported common auth methods. > > It might take a little bit of glue work, but it's doable. I did a tacacs to > securid translator this way once upon a time.
I may not be understanding what your are suggesting, but it sounds like you think I am asking to have the *nix box authenticate against windows. I'm trying to go the other way. I need to windows box to ask for token authentication when a user logs into it. I have the ability to have the token authentication via Radius and I can do this for several tools, but for windows I am running into problems. I have a vendor tool that I can make work for plain servers or terminal servers (without support from the vendor, not the best of situations) I can't find anything to work on a Citrix server, and I'm not happy running the vendor tool in a way that they won't support (an opensource tool doesn't guarentee support, but at least you have a chance) With my token server I do have the ability to use a linux pam module for authentication as well as acting like a radius server. I don't see how that would help. David Lang _______________________________________________ Discuss mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
