Hi, > But clear-text passwords are in many situations a no-no > and usually you already have the sambav3 schema which > gives you > the windows password hashes which will work with mschapv2 > authentication
The whole security of RADIUS (and any similar product) is based on clear-text passwords (no matter if they are called client secrets or pre-shared keys or something else), so if that's a no-no for you, you just can't centralize user management. OTOH, if you can accept that those "network root passwords" are stored in clear-text form, what's the problem with storing mere user passwords in clear-text as well? Regards, Stefan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html