FW: MS AD / OpenLDAP with PAP - is it really not possible ?
Alan DeKok
aland at deployingradius.com
Thu May 20 19:19:40 CEST 2010
Pawel Cieplinski wrote:
> I have got application that allow only to authenticate using PAP method. My Goal would bo to use Active Directory as a abckend User Database, but I found that:
It should work.
> "Once the PAP authentication test has been successful, the next step for sites using Active Directory is to configure the system to perform user authentication against Active Directory. The clear-text passwords are unavailable through Active Directory, so we have to use Samba"
>
> Is it true ?
<sigh> *IF* you're trying to configure EAP. That is one step out of
many. It tests that AD integration works before going on to the next step.
> The same page describing to use ntlm_auth instead, But I cannot found how to pass attributes from LDAP Database using ntlm_auth to Radius Client.
>
> Is it possible to reply attributes from LDAP using ntlm_auth ?
No.
For PAP, configure AD as an LDAP server.
Alan DeKok.
More information about the Freeradius-Users
mailing list