Hi all, I'm a network administrator for a company in the Netherlands.
We're planning to give our users access to our local network through vpn over the internet so they can work at home. Ofcourse to allow this there needs to be a bit of security, part of it will be authenticating. We are using mainly unix/linux for our back office, and windows for our front office. The linux and unix part is run by me and 2 other guys. The windows part is run by a bunch of other people. Fact is that the people who need access have accounts on the windows domain. I see a couple sollutions, one I like some I dislike. The one I like is I build a radius server on linux which checks the user account information against our windows domain, so that if they create an account on the windows domain the radius server needs additional user account to allow this user access to our network. Is this possible ? The ones I dislike I give the windows administrators access to aformentioned linux radius server and teach them how to add users. ( I'm not sure what frightens me more, teaching microsoft sysadmins proper system administration or microsoft sysadmins with root access) The one I fear I build a microsoft isa server which does the authenticating. (why not have the ms admins build it? you ask...lets just say the networking skills are not very high with those people) Other options... If you have/know any, please tell me. Regards Rob Verduijn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
