Educause Security Discussion mailing list archives
Re: Two Factor Windows Shares
From: Dan Peterson <drpeterson () ES NET>
Date: Thu, 25 Aug 2011 09:39:09 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AD supports Token/client certificate based authentication. However once logged in things like "pass the hash" still work, I would ask of the original poster what problem is being solved here? - -- Dan - -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joe St Sauver Sent: Thursday, August 25, 2011 9:15 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Two Factor Windows Shares Regarding:
I want to have a file server (preferably Windows) where the shares are protected by two factor authentication. The share would have permissions assigned to Active Directory users as a normal file share would. But if the user goes to the share I want it to prompt them for non-AD credentials such as a finger print.
I'm not a Samba person myself, and maybe not exactly what you were looking for, but it looks like Samba supports use of client certificates as an authentication option, see for example http://oreilly.com/openbook/samba/book/appa_05.html Regards, Joe -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.1.2 (Build 9) Charset: US-ASCII wj8DBQFOVnq05chTNtilRz8RAlsAAKCtYy3aLMkpo1/vlMJqk9e1VJjyaQCgmRLt xmmFfM7qNu7krRi0jWiA9k8= =z0BA -----END PGP SIGNATURE-----
Current thread:
- Two Factor Windows Shares Daniel Bennett (Aug 22)
- Re: Two Factor Windows Shares Rich Graves (Aug 25)
- <Possible follow-ups>
- Re: Two Factor Windows Shares Joe St Sauver (Aug 25)
- Re: Two Factor Windows Shares Dan Peterson (Aug 25)
- Re: Two Factor Windows Shares Rich Graves (Aug 25)
- Re: Two Factor Windows Shares Dan Peterson (Aug 25)