You don't. It's impossible. You need to follow the Active Directory configuration guide:
Deploying RADIUS: Configuring Authentication with Active Directory | | | | Deploying RADIUS: Configuring Authentication with Active Directory Alan DeKok / Design by Andreas Viklund - http://andreasviklund.com/ Deploying RADIUS: The web site of the book | | | This link will not help because the AD is running on a ''separate'' machine. The link shows how to integrate SAMBA and Freeradius on the same machine. I still need help. Also the version of EAP used is PEAP as the request are coming from a Cisco Wireless LAN Controller. On Wednesday, September 19, 2018, 11:41:24 AM GMT+1, Alan DeKok <aland@deployingradius.com> wrote: On Sep 19, 2018, at 5:04 AM, daada muyiwa via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Is it an actual LDAP server? Or is it Active Directory? ''Active directory''
Then it's not a real LDAP server. It's close. but not quite a real LDAP server.
Allow FreeRADIUS to read the "known good" password from LDAP, and it will Just Work.
How do I make Freeradius decrypt the EAP request and query the AD with the clear text password in order to authenticate a user.
You don't. It's impossible. You need to follow the Active Directory configuration guide: http://deployingradius.com/documents/configuration/active_directory.html Alan DeKok.