<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=iso-8859-1"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.E-MailFormatvorlage17
{mso-style-type:personal-compose;
font-family:"Arial","sans-serif";
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 2.0cm 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=DE link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'>Hello Everybody,<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'>I have two questions for my understanding. I set up FreeRADIUS to authenticate against our Active Directory. I read in the readme that this couldn´t be done with the ldap module, so I did it with SAMBA. It works fine for MSCHAPv2. But nowhere stands why it couldn’t be done with the ldap module. Can anybody give a technical explanation? As I read the ldap module can only work with cleartext passwords and eap is encrypted. But why can’t it work with. A technical explanation would be nice.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'>As I wrote I setted FreeRADIUS up to work fine with the Active Directory. I configured the eap.conf to work with PEAP and MSCHAPv2. When I configured it in this way I don’t need certificates? The certificates aren’t checked by the clients or server aren’t they? Do I need certificates when I use PEAP with MSCHAPv2 or I am doing something wrong?<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif"'><o:p> </o:p></span></p><div><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'>Best Regards</span><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif";mso-fareast-language:DE'><br></span><b><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'><br>Sebastian Heinrich</span></b><span lang=EN-US style='font-size:12.0pt;font-family:"Times New Roman","serif";mso-fareast-language:DE'><br></span><span lang=EN-US style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'>Techn. </span><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'>DV <br><br><br><o:p></o:p></span></p><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#00CCFF;mso-fareast-language:DE'>Aluminium Oxid Stade GmbH</span></b><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black;mso-fareast-language:DE'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:#00CCFF;mso-fareast-language:DE'>Johann-Rathje-Köser-Straße<br>21683 Stade<br><br></span><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'>email S.Heinrich@aos-stade.de<br>web </span><span lang=EN-GB style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'><a href="http://www.aos-stade.de/"><span lang=DE style='color:blue'>http://www.aos-stade.de</span></a></span><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black;mso-fareast-language:DE'><o:p></o:p></span></p><div class=MsoNormal align=center style='text-align:center'><span lang=EN-GB style='font-size:7.5pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'><hr size=2 width="100%" align=center></span></div><p class=MsoNormal><span style='font-size:7.5pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'>Rechtliche Hinweise</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'> <o:p></o:p></span></p><p class=MsoNormal><span style='font-size:7.5pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'>Registergericht:Tostedt HRB 100017</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:7.5pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'>Vorsitzender des Aufsichtsrates: Victor Phillip M. Dahdaleh</span><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:7.5pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'>Geschäftsführer: Helmuth Buhrfeindt, Eberhard Guhl</span><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black;mso-fareast-language:DE'><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Arial","sans-serif";color:black;mso-fareast-language:DE'> <o:p></o:p></span></p></div><p class=MsoNormal><span style='font-size:7.5pt;font-family:"Tahoma","sans-serif";color:black;mso-fareast-language:DE'>Der Inhalt dieser E-Mail ist ausschliesslich für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie bitte, dass jede Form der Kenntnisnahme, Veroeffentlichung, Vervielfaeltigung oder Weitergabe des Inhalts dieser E-Mail unzulaessig ist. Wir bitten Sie, sich in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen. <br> <br></span><span lang=EN-GB style='font-size:7.5pt;font-family:"Tahoma","sans-serif";color:black;mso-fareast-language:DE'>The information contained in this email is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any form of disclosure, reproduction, distribution or any action taken or refrained from in reliance on it, is prohibited and may be unlawful. Please notify the sender immediately. </span><o:p></o:p></p></div></body></html>