Patrick Bartkus wrote:
Please tell me someone has fixed this problem.
I'm trying to authenticate an Ascend MAX dial-up server back to Windows Active Directory.
I am using a local unix group for authorization.
I have Pam set up on my system and it uses Kerberos 5 to authenticate to AD just fine.
But I'm getting: auth: type "PAM" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_pam: Attribute "User-Password" is required for authentication. Cannot use "CHAP-Password". modcall[authenticate]: module "pam" returns invalid for request 0
I did some checking and found this posting from 2003 basically saying it can't be done: http://www.mail-archive.com/freeradius-users@lists.cistron.nl/msg19439.html
I do have other options other than the Windows Domain authentication, but I was not wanting to pursue them unless I had to.
Has this been solved or am I SOL?
It is not a code bug. It is a fundamental feature of the algorithm. It *cannot* be solved. You are, as you put it, SOL.