Robert E. Toense wrote: > This may be on the fringes of the scope of this group, but any pointers > would be appreciated. > > I am attempting to setup EAP-PEAP authentication via FreeRadius and a > Windows-based LDAP backend. The users accounts are in AD. After making > it past a number of obstacles, I am communicating with the LDAP server, > but found that neither LM-Passwords nor NT-Passwords are loaded into the > LDAP. "Clear-text" is NOT an option, and is not available either,
Oh, they're in AD, but they're not available through LDAP. See: http://deployingradius.com/documents/configuration/active_directory.html > Yes, I could use ntlm_auth and probably get it working, but this is > supposed to be LDAP-based, not SAMBA. The LDAP could move to a > different environment. Use of standards is important to us. 1) Ask Microsoft to expose the password through LDAP. 2) Use Samba. 3) Use a real LDAP server. Those are your choices. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
