Caching techniques with ntlm_auth usage? (EAP-PEAP-MSchapV2)

James J J Hooper jjj.hooper at
Sat Mar 5 02:17:54 CET 2011

--On 04 March 2011 12:34 -0500 John Douglass <john.douglass at> 

> Group,
> Recently, my AD servers were patched by another support group and this
> caused a (small but noticeable) service outage for our WPA radius
> services (Radius 2.1.9)

I can think of two things to investigate:
* Recent Samba can do winbind credential caching IIRC - I haven't 
experimented with this so I'm not sure if it will work for this application.

* Enable Fast Session Resumption:

... We dropped the hits on our DCs by > 40% by doing this. N.B Resumed 
sessions will not touch your inner-tunnel config, so you have to make sure 
that you pay attention when (re-)assigning VLANs / other returned 
attributes based on username.


James J J Hooper
Network Specialist, University of Bristol 	 	

More information about the Freeradius-Users mailing list