CHAP and Windows 2003 AD LDAP
Alan DeKok
aland at nitros9.org
Wed Jul 5 19:25:48 CEST 2006
Josh Howlett <josh.howlett at bristol.ac.uk> wrote:
> Any idea how IAS gets hold of it for CHAP?
IAS is incestuous with the rest of the Microsoft world. But even
IAS can't do CHAP unless the "use reversible encryption" is set in AD.
Once that's set, IAS uses magic secret bloated RPC calls to connect
to AD, and get the password. The Samba guys are working on reverse
engineering the protocol, but they're not done yet.
Alan DeKok.
More information about the Freeradius-Users
mailing list