The idea was that leaving mschapv2. ttls/pap is the only way. I have a suggestion that LDAP is enabled here if ((ok | / updated) & & User-Password) { update { control:Auth-Type := ldap But I haven't found the answer yet why it isn't passed to LDAP.
9 июля 2020 г., в 12:41, Piviul <piviul@riminilug.it> написал(а):
Клеусов Владимир Сергеевич via Freeradius-Users ha scritto il 09/07/20 alle 10:41:
Thanks. The tutorial is cool. But I don't need mschapv2, but ttls/pap Do you mean EAP-TTLS? If you follow the guide[¹] after the step 2 you should have EAP-TTLS working... Any way I'm sorry, I don't know freeradius very well but I don't think that EAP-TTLS is the right way to authenticate on AD.
My best regards
Piviul
[¹] http://deployingradius.com/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html