Getting PAP to work with ntlm_auth

Neil Prockter n.prockter at
Wed Jun 16 16:07:42 CEST 2010

On 15/06/10 07:51, Alan DeKok wrote:
> Neil Prockter wrote:w
>> I want to authenticate users against Active Directory for EAP-MSCHAPv2
>> and PAP.  PAP is for a wireless web authentication redirection service
>> that authenticates using PAP and its PAP I'm trying to debug not MSCHAP
>> at present.
>   For that, you can configure Active Directory as an LDAP server.  It
> will be faster and more stable than using ntlm_auth.
I've done that and PAP/LDAP has tested well.  EAP-MSCHAPv2/ntlm_auth is
not happy but I'll have more of a look before mailing about that.


>> I've been following
>> All goes well until I get towards the end.
>> Once I remove
>> DEFAULT Auth-Type = ntlm_auth
>> from users PAP stops working
>   If you *want* PAP to use ntlm_auth, then you need to leave that line
> in.  We recommend deleting it because most people want PAP to use
> *another* way of authenticating.
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

Please access the attached hyperlink for an important electronic communications disclaimer:

More information about the Freeradius-Users mailing list