How to authenticate users against a Windoze AD server with krb5?

Alan DeKok aland at ox.org
Wed Jun 1 19:19:00 CEST 2005


"Arne =?utf-8?q?G=C3=B6tje?= (=?utf-8?q?=E9=AB=98=E7=9B=9B=E8=8F=AF?=)" <arne at linux.org.tw> wrote:
> Can ntlm_auth handle MD5 hashes as passwords???

  Nope.

> Any solution to this or am I forced to use a M$ compatible radius server
> instead?

  You're forced to use IAS.  Nothing else does the right magic RPC
call to get the clear-text password.  And even with IAS, you'll have
to store the passwords in AD using "reversible encryption" as they call it.

  Alan DeKok.




More information about the Freeradius-Users mailing list