How to authentication windows clients without Active Directory
Posted on 2011-05-02
Short history for completeness:
I have an environment where I'm using Windows 2003 servers to create a Windows Active Directory domain that users authenticate to for access to servers/file server resources, etc. The domain is "unregistered", meaning it is not a publicly known domain (at least not mine).
I also use Windows IAS (RADIUS) to authenticate users who wish to access Remote Access VPN tunnels I create via a CIsco PIX firewall.
I am in the process of converting the environment to a publicly known domain (I've already registered the domain and have set up a DNS server). I am considering using open source alternatives to windows authentication/authorization and am considering using LDAP/FreeRADIUS.
I wanted to get feedback from the experts as to whether it's worth the switch and if so, what components I need to use.
I need windows machines to authenticate to a common source (e.g. SSO; Single Sign-On), controlled access to fileshares via Samba and NAS file servers (e.g. Snapserver and NetApp) and Remote Access VPN authentication.
So far it appears I need LDAP and FreeRADIUS bnut I'm still at the early stages of investigate.
Any detailed guidance would be greatly appreciated.