Re: Re: openser and AD

[Artur Hayne <arturhayne@yahoo.com.br>]

Active Directory does not supply clear-text passwords to FreeRADIUS.
In many cases, Active Directory doesn't *have* the clear-text passwords.

Digest authentication is impossible when the passwords are in Active
Directory. Sorry.

> I see in some tutorials show how authenticate in a domain to use one
> tool called ntlm_auth, but it seams that only work with the mschap
> protocol, and the openser uses the digest.

Yes. ntlm_auth will not help you.

> What to do? Any ideia?

Use another database, like OpenLDAP or MySQL. Active Directory is
responsible for making Digest authentication impossible.

> Its necessarily to do some configuration in the users or another files?

No. There is NOTHING you can do except use another database.

The Openser , Active Directory and FreeRadius support TLS. Can I use it for solve my problem? Or is this a bad ideia?

---

Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. Registre seu aparelho agora!