On 15/06/10 07:51, Alan DeKok wrote:
Neil Prockter wrote:w
I want to authenticate users against Active Directory for EAP-MSCHAPv2 and PAP. PAP is for a wireless web authentication redirection service that authenticates using PAP and its PAP I'm trying to debug not MSCHAP at present.
For that, you can configure Active Directory as an LDAP server. It will be faster and more stable than using ntlm_auth. I've done that and PAP/LDAP has tested well. EAP-MSCHAPv2/ntlm_auth is not happy but I'll have more of a look before mailing about that.
Thanks Neil
I've been following http://deployingradius.com/documents/configuration/active_directory.html
All goes well until I get towards the end.
Once I remove DEFAULT Auth-Type = ntlm_auth from users PAP stops working
If you *want* PAP to use ntlm_auth, then you need to leave that line in. We recommend deleting it because most people want PAP to use *another* way of authenticating.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/planningAndCorporatePolicy/legalandComplian...