CHAP and Windows 2003 AD LDAP
Stefan Winter
stefan.winter at restena.lu
Wed Jul 5 16:02:00 CEST 2006
Hi,
> I'm trying to get a freeradius server (v1.0.1) to work with CHAP and
How about 1.1.2? Upgrading is easy, and it fixes at least one security bug.
> querying a Windows 2003 Active Directory server using LDAP.
>
> I've got LDAP working for PAP queries, but CHAP comes back with the
> "rlm_chap: Could not find clear text password".
AD and LDAP-mode don't work together. The AD server will not give away the
user's attribute. If you want CHAP to work, you will need to use ntlm_auth.
That's more work, but possible. Several people keep asking how this works
every once in a while on this list, searching the archives and the FR website
will help you get along. There's also a great tutorial on the topic, which is
referenced here quite often by Charles Schwartz, see the archives for that
one as well.
Greetings,
--
Stefan WINTER
Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de
la Recherche
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060705/36280da7/attachment.pgp>
More information about the Freeradius-Users
mailing list