[EMAIL PROTECTED] wrote:
Is it possible to use freeradius to authenticate against Active Directory
without using CHAP or PEAP? I have found directions to do this with
supplicants using peap etc. but I don't want to use supplicants. I am
currently using freeradius to auth against LDAP with out a problem (for my
wireless network). I have made changes in radiusd.conf (basically
replacing my LDAP entries with the corresponding AD entry) to try to auth
agains AD, but it does not look as if it can read the password. Is anyone
else doing this? And if so, how?
No. AD doesn't give you the password.
The only things you can do are:
1) authenticate PAP request by doing an LDAP simple bind against AD.
2) use the "ntlm_auth" helper of the "mschap" module with Samba joined
into the domain
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html