Can not authenticate against Active directory as LDAP server

Alan DeKok aland at ox.org
Wed Nov 30 16:45:51 CET 2005


"Anup Parkhi" <anup_parkhi at hotmail.com> wrote:
> EAP: EAP-MD5
> Directory: Active directory as LDAP server

  It's impossible.  EAP-MD5 doesn't supply a clear-text password, and
neither will AD.  So FreeRADIUS can't do authentication.

> rlm_ldap: Attribute "User-Password" is required for authentication.

  Exactly.  AD won't give the "known good" password to FreeRADIUS, and
AD doesn't understand EAP-MD5.  So what you want to do is impossible.

  Alan DeKok.




More information about the Freeradius-Users mailing list