Jacob Jarick wrote:
> Is it true that the only way to authenticate against active directory
> is using ntlm_auth ?
For ms-chap, yes.
> I have been specifically asked not to use the ntlm_auth method against
> AD out of security cocerns from having samba installed. I cant see the
> risk of having samba installed myself if no directorys are being
> shared (please correct me if Im wrong).
Yes. You can also put firewall rules in place to block any traffic to
the Samba machine.
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html