Getting PAP to work with ntlm_auth

Neil Prockter n.prockter at lse.ac.uk
Wed Jun 16 16:07:42 CEST 2010


On 15/06/10 07:51, Alan DeKok wrote:
> Neil Prockter wrote:w
>> I want to authenticate users against Active Directory for EAP-MSCHAPv2
>> and PAP.  PAP is for a wireless web authentication redirection service
>> that authenticates using PAP and its PAP I'm trying to debug not MSCHAP
>> at present.
> 
>   For that, you can configure Active Directory as an LDAP server.  It
> will be faster and more stable than using ntlm_auth.
I've done that and PAP/LDAP has tested well.  EAP-MSCHAPv2/ntlm_auth is
not happy but I'll have more of a look before mailing about that.

Thanks

Neil
> 
>> I've been following
>> http://deployingradius.com/documents/configuration/active_directory.html
>>
>> All goes well until I get towards the end.
>>
>> Once I remove
>> DEFAULT Auth-Type = ntlm_auth
>> from users PAP stops working
> 
>   If you *want* PAP to use ntlm_auth, then you need to leave that line
> in.  We recommend deleting it because most people want PAP to use
> *another* way of authenticating.
> 
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/planningAndCorporatePolicy/legalandComplianceTeam/legal/disclaimer.htm



More information about the Freeradius-Users mailing list