FreeRADIUS & AD LAP Communication

Russell Mike radius.sir at gmail.com
Thu Nov 21 12:27:47 CET 2013


Thank You Stefan. I shall study !!
Regards
RM --


On Wed, Nov 20, 2013 at 5:36 PM, <stefan.paetow at diamond.ac.uk> wrote:

> > 3a) Following is the out-put with REJECT access, Perhaps because
> password storage in AD is not clear text, is it due to that?
> >     Perhaps it cannot be tested with redtest?  i am using the following
> to test, is it correct test
> > radtest mike aabb88@ localhost 1812 HYbbunINFDR$88
>
> Correct. Active Directory does not store its passwords in plain-text.
> Active Directory only accepts NTLM/MSCHAPv2 authentication (or Kerberos,
> but that's a whole different kettle of fish).
>
> Additionally, you are better off testing EAP-TTLS/EAP-MSCHAPv2 or EAP-PEAP
> with Active Directory since that is what the general use case is. For that,
> you need eapol_test, which is part of the wpa_supplicant package.
>
> See http://deployingradius.com/documents/protocols/compatibility.htmlfirst, then
> http://confluence.diamond.ac.uk/display/PAAUTH/Using+Active+Directory+as+authentication+sourceand
> http://confluence.diamond.ac.uk/display/PAAUTH/Building+eapol_test+in+wpa_supplicantfor details :-)
>
> Stefan
>
>
> --
> This e-mail and any attachments may contain confidential, copyright and or
> privileged material, and are for the use of the intended addressee only. If
> you are not the intended addressee or an authorised recipient of the
> addressee please notify us of receipt by returning the e-mail and do not
> use, copy, retain, distribute or disclose the information in or attached to
> the e-mail.
> Any opinions expressed within this e-mail are those of the individual and
> not necessarily of Diamond Light Source Ltd.
> Diamond Light Source Ltd. cannot guarantee that this e-mail or any
> attachments are free from viruses and we cannot accept liability for any
> damage which you may sustain as a result of software viruses which may be
> transmitted in or with the message.
> Diamond Light Source Limited (company no. 4375679). Registered in England
> and Wales with its registered office at Diamond House, Harwell Science and
> Innovation Campus, Didcot, Oxfordshire, OX11 0DE, United Kingdom
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131121/1babfd91/attachment.html>


More information about the Freeradius-Users mailing list