PAP credentials against AD?

Josh Howlett josh.howlett at
Wed Feb 15 16:41:52 CET 2006

Hi Stefan,

We probably need a freeradius-eduroam list :-)

>>Is it possible to authenticate PAP credentials from the NAS against a
>>Windows domain using NTLM? I've tried using the mschap module, but it
>>expects to see a Challenge that the NAS doesn't provide.
> If you want to authenticate against AD and have PAP credentials available, 
> just treat the AD server like an LDAP server, i.e.: the ldap {} section is 
> for you. It will use the credentials to bind as the user to AD, and if that 
> succeeds the user is allowed in.

I didn't realise that AD allowed authenticated binds from users by 
default. Does it require some special tweaking? Our AD admin are *very* 
cautious about who talks to it... (probably very sensible).

best regards, josh.

More information about the Freeradius-Users mailing list