CHAP, LDAP and MS AD

[duckeo]

I just wanted to confirm what I have researched and found to be 'not feasible'.

Using CHAP authentication with Microsoft Active Directory is not
possible without modifying the Active Directory to store a plain-text
version of the password.

MS-CHAP is an option but must be supported on the client end, using ntlm_auth.

I ask as I am trying to persue the path of getting the end client to
use PAP, but wanted to get my facts straight first.

Thanks