3 Sep
2014
3 Sep
'14
12:01 p.m.
On 09/03/2014 11:52 AM, Dennis Xu wrote:
Hello,
I am looking for confirmation that because our AD stores passwords in crypt'd or SHA1 format, we cannot use FreeRadius to authenticate against our AD using PEAP and EAP-MSCHAPv2?
http://deployingradius.com/documents/protocols/compatibility.html
Is the above link still up-to-date?
Take a look at: http://deployingradius.com/documents/configuration/active_directory.html You need to configure your FreeRADIUS server to use ntlm_auth precisely because FreeRADIUS does not have access to the cleartext passwords of Active Directory users. Cheers, Eloy Paris.-