On 16/06/10 14:18, Iain Grant wrote: > We have on site a Windows 2008 RC2 domain controller ( 64-bit ) which I > have a linux based freeradius server hanging from. > > My question is, other than changing the users file on the freeradius > server, is there another way of disabling a user from authentication > through the radius server but still allow them access via the active > directory route. Have a group for users who may access via radius and use that in the ldap module's groupmembership_filter.
(warning: treat my advice with caution I'm a novice here.) > So for example, a user can log in quite happily on site using their > windows machine. > > If they go offsite and try authentication via the radius server they > will not be allowed. > > Does active directory have a flag or something that can be set against > the user account to deny access via a radius link. > > Thanks > > Iain > > > ______________________________________________________ > SCRI, Invergowrie, Dundee, DD2 5DA. > The Scottish Crop Research Institute is a charitable company limited by > guarantee. > Registered in Scotland No: SC 29367. > Recognised by the Inland Revenue as a Scottish Charity No: SC 006662. > > > DISCLAIMER: > > This email is from the Scottish Crop Research Institute, but the views > expressed by the sender are not necessarily the views of SCRI and its > subsidiaries. This email and any files transmitted with it are > confidential to the intended recipient at the e-mail address to which it > has been addressed. It may not be disclosed or used by any other than > that addressee. > If you are not the intended recipient you are requested to preserve this > confidentiality and you must not use, disclose, copy, print or rely on > this e-mail in any way. Please notify [email protected] quoting the > name of the sender and delete the email from your system. > > Although SCRI has taken reasonable precautions to ensure no viruses are > present in this email, neither the Institute nor the sender accepts any > responsibility for any viruses, and it is your responsibility to scan > the email and the attachments (if any). > ______________________________________________________ > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/planningAndCorporatePolicy/legalandComplianceTeam/legal/disclaimer.htm - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
