Jacob Jarick wrote:
> Is it true that the only way to authenticate against active directory
> is using ntlm_auth ?

  For ms-chap, yes.

> I have been specifically asked not to use the ntlm_auth method against
> AD out of security cocerns from having samba installed. I cant see the
> risk of having samba installed myself if no directorys are being
> shared (please correct me if Im wrong).

  Yes.  You can also put firewall rules in place to block any traffic to
the Samba machine.

  Alan DeKok.
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to