rlm_krb5

[Alan DeKok]

Stieven.Struyf at komatsu.eu wrote:
...

  Please don't send HTML to the list.


> I am implementing 802.1x on our network. The
> easiest solution to do this is by using "reversible passwords" in
> active directory

  That isn't necessary.

> Only other way is by using kerberos.

  That's impossible.  Kerberos doesn't do MS-CHAP, which is the
authentication protocol used by Windows clients for 802.1x

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog