Sean Perry <[EMAIL PROTECTED]> wrote: > I am trying to setup a Linux VPN. Most of the pieces are now in place. > I am trying to authenticate against radius which in turn will > authenticate against our existing Active Directory server.
People have done this. To a certain extent, AD is just another LDAP server. > Looking through the archives I see several people try but no real > responses. Ron Wahler claims to have Active Directory working but he > was not using chap. > > Is this possible? Not with CHAP. AD doesn't allow you to look at the users clear-text passwords, so CHAP is impossible. Yet, somehow, IAS does CHAP against AD. Is anyone willing to bet *against* the idea that Microsoft has one API for customers, and another, better API for themselves? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
