Alan DeKok wrote: >Luke <[EMAIL PROTECTED]> wrote: > > >>Unfortunately I need to support CHAP because it is used by an external >>global Dial-Up provider which the freeradius machine is authenticating for. >> >> > If the passwords are in AD your ONLY choice is to use IAS, and even >then, only if ALL of the passwords are stored via what they call >"using reversible encryption". > > Thanks Alan - looks like it is not possible (we do not want to use IAS and store passwords using reversible encryption - which would also mean resetting every user's password).
I'm going to need to talk to our global dial-up provider to see if they can send the radius request using anything other than CHAP if possible. Thanks again, Luke - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
