Freeradius and Active directory (An aside)
Dean, Barry
B.Dean at liverpool.ac.uk
Tue May 20 16:05:51 CEST 2008
Alan DeKok said:
> It is impossible to use CHAP to authenticate to AD. You MUST use
> MS-CHAP, or PAP.
When testing my Radius server with AD and XSupplicant I found that EAP-TTLS with MD5 inner auth and EAP-MD5 as well as EAP-TTLS with CHAP inner auth all failed.
So you have explained why EAP-TTLS (CHAP) fails, thanks!
So, is EAP-MD5 and EAP-TTLS (MD5) not possible also, or is my Radius config broken?
---------------
Barry Dean
Networks Team
More information about the Freeradius-Users
mailing list