On Wednesday 01 June 2005 01:08, Alan DeKok wrote:
The rlm_krb5 module takes a clear-text password from a RADIUS packet, and uses it to authenticate via kerberos. This may work against AD, but I don't think anyone has tried it.
Ouch! I think this answers my question... this method cannot work as the clear-text password is never supplied by the client. EAP-MD5 is used (802.1x). So it will only supply a MD5 hash... Can ntlm_auth handle MD5 hashes as passwords??? Any solution to this or am I forced to use a M$ compatible radius server instead? Cheers Arne -- Arne Götje (高盛華) <arne@linux.org.tw> PGP/GnuPG key: 1024D/685D1E8C Fingerprint: 2056 F6B7 DEA8 B478 311F 1C34 6E9F D06E 685D 1E8C Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.