Cesar Ortega wrote:
I've been working on Freeradius with XP supplicants for a while but so far I could't make it. Authentication against Active Directory works like a charm (http://deployingradius.com/documents/configuration/active_directory.html).
That's good to hear.
I want to authenticate several users against AD keeping in mind the following conditions: - Not use of certificates at all. - Transparent authentication of clients in wireless networks using MS-CHAPv2 (username and password they use to authenticate against AD).
It's impossible. The protocols used between the PC && access point are EAP, and require TLS. If you don't want to use EAP-TTLS or EAP-PEAP, your *only* option is to re-write the software on the PC and the access point. That is... it's impossible. If you use PEAP, you only need one certificate: the server cert. Alan DeKok.