Freeradius + Active Directory
Phil Mayers
p.mayers at imperial.ac.uk
Thu Oct 21 09:59:13 CEST 2010
On 10/20/2010 10:59 PM, Rowley, Mathew wrote:
> I was able to configure FreeRadius/AD differently than most tutorials
> – just using Kerberos as an authentication mechanism (sorry for any
> weird formatting, coming from a wiki):
(For the archives)
The reason it's different than most tutorials, to be clear, is that this
config can only check PAP requests, so is not useful for the common case
of PEAP/MS-CHAP for wireless/wired 802.1x.
Obviously if you use EAP-TTLS/PAP for 802.1x, or just PAP for some other
service (as CLI login to switches/routers usually is) it'll work fine.
(People seem to get very confused about this topic, so it's worth noting ;o)
More information about the Freeradius-Users
mailing list