Hi,
I have a DMZ appliance that will be a Radius Client for incoming connections from the internet. I wish to authenticate incoming user connections against Active Directory but have a second layer of security by challenging them to input an additional string that is mapped to a custom attribute on their AD accound. For example their mothers maiden name or place of birth.
I've fired up a test 2012R2 NTP server but cannot obviously see how it is possible to associate the AD attribute in the policies?
Can anyone give any pointers? I've traweled the web but haven't been able to find anything so far...
Cheers
Andy