Sorry to pester u Alan :P

Does mschapv2 also support ntlm_auth ?

and now that I understand your tables (well I think) I should be able
to persuade my employer to use ntlm and firewall the the samba ports.

On 4/23/07, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Jacob Jarick wrote:
> > Is it true that the only way to authenticate against active directory
> > is using ntlm_auth ?
>
>   For ms-chap, yes.
>
> > I have been specifically asked not to use the ntlm_auth method against
> > AD out of security cocerns from having samba installed. I cant see the
> > risk of having samba installed myself if no directorys are being
> > shared (please correct me if Im wrong).
>
>   Yes.  You can also put firewall rules in place to block any traffic to
> the Samba machine.
>
>   Alan DeKok.
> --
>   http://deployingradius.com       - The web site of the book
>   http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to