Active Directory with NTLM_AUTH

duckeo duckeo at
Fri Oct 13 06:56:47 CEST 2006

Okay I've been following the Wiki for Active Directory Integration but
now I'm stuck.

I'm successful at getting the machine to join the AD with Samba3, I
have NTLM_AUTH working from the command line to challenge for the user
and return successful.

Next part is getting FreeRadius to use this information.

The end result is that I am using a Dial Up adapter within Windows to
talk to radius, so I want the default Windows settings of MSCHAP to
work first (means I have to customise the client end less).

What (if anything) do I need to do to the users file?

I also need to check that the user is a member of a particular group
in Active Directory before Access-Accept is sent - do I fall back to
LDAP for this?

I have had LDAP only working with PAP, but am stuck with getting it to
work with MS-CHAP.

More information about the Freeradius-Users mailing list