Hi, I have another general question. I have a running freeradius instance on Ubuntu for authorization against Windows AD, based on ntlm_auth. But to get more group depended post-auth capabilities I thought I can switch to LDAP module. I tested that in a test installation with OpenLDAP (instead of AD) and it worked fine. But now I was going to rollout this method to AD and failed to check the good password. Of course I'm aware that OpenLDAP and AD handles passwords differently so the surprise was not too big. So my questions are: - can I mix ntlm_auth for authorization and LDAP to do some group depended post-auth actions? - is that needed at all and there are ways to run LDAP only (in that case I probably did something wrong so far)? Thanks Uwe