"Graham, Robert" <rgraham at mem-ins.com> wrote: > I'm I correct to state that the "password_attribute =3D userPassword" in > the ldap section causes ldap to retrieve the user's password out Active > Directory? No. Messages in the past few days have said you can't get passwords from AD. It's impossible. You have to use ntlm_auth. See radiusd.conf Alan DeKok.