Authenticating users against an Active Directory or Windows domain is still not possible? Or maybe via a workaround like adding a linux samba server to a domain? https://wiki.strongswan.org/issues/2320