25 Apr
2011
25 Apr
'11
4:30 p.m.
On 04/25/2011 02:44 PM, schilling wrote:
Could we extend the AD schema with another accessible ntPassword hash, and thus use LDAP against AD for PEAP/MSCHAP?
Yes, if you know everyones plaintext password. But if you do, you don't have this problem at all; you can just store Cleartext-Password in some secured SQL database and use that. In short: it's usually impractical.