Wifi + Active Directory without ntlm
aland at deployingradius.com
Tue May 19 15:04:59 CEST 2020
> On May 19, 2020, at 7:35 AM, Клеусов Владимир Сергеевич via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> Sum up. I can't use AD without ntlm. Because there are encrypted passwords coming from AD. Do I need Ntlm to work with encrypted passwords ?
That's a little confused.
Doing MS-CHAP to AD requires ntlm_auth.
If you have PAP, you can do normal LDAP bind to AD.
If you're not using AD, then FreeRADIUS supports all standard encryption types. But these only work for PAP. NT hashed passwords also work for MS-CHAP.
More information about the Freeradius-Users