Roberto Carna wrote: > Dear, I have several Windows 7 clients over WiFi autheticating throug > EAP-TLS to a Freeradius 2.1 service against a local MySQL database, it > works OK.
EAP-TLS doesn't use MySQL for storing credentials. Everything is in the certificate. > Now I have to change the authentication from MySQL to a remote Active > Directory on a Windows 2012 server. FreeRADIUS is an authentication server. MySQL is not. It's a database. Using the correct terminology menas it's easier to come up with a solution. Using the wrong terminology means you're lost, and you can't find a solution. > Because I don't know so much about Windows world, I need to know if I > have to use NTLM, LDAP or Kerberos in order to authenticate against > the remote AD. For MS-CHAP and PEAP, you use ntlm. You don't have any other choice. For EAP-TLS, you don't use AD or MySQL. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html