PAP credentials against AD?
Josh Howlett
josh.howlett at bristol.ac.uk
Wed Feb 15 16:41:52 CET 2006
Hi Stefan,
We probably need a freeradius-eduroam list :-)
>>Is it possible to authenticate PAP credentials from the NAS against a
>>Windows domain using NTLM? I've tried using the mschap module, but it
>>expects to see a Challenge that the NAS doesn't provide.
>
>
> If you want to authenticate against AD and have PAP credentials available,
> just treat the AD server like an LDAP server, i.e.: the ldap {} section is
> for you. It will use the credentials to bind as the user to AD, and if that
> succeeds the user is allowed in.
I didn't realise that AD allowed authenticated binds from users by
default. Does it require some special tweaking? Our AD admin are *very*
cautious about who talks to it... (probably very sensible).
best regards, josh.
More information about the Freeradius-Users
mailing list