Luiz Gustavo de Villa Scandelari wrote: > I would like to receive some help on authentication with AD using CHAP > Passwords.
http://deployingradius.com/documents/protocols/compatibility.html It's impossible. Use a real LDAP server. > I suppose that happens because I cannot read the AD user password, > right? Yes. > The important is that works with LDAP authentication. No. It works with *clear-text password* authentication. > The problem > is that I have a system that sends Access-Requests with Username and > CHAP-Passwords (CoovaChilli), so radius authorize the user but cannot > authenticate it. Then fix it to send User-Password. > > > I´ve already read the Allan´s webpage > (http://deployingradius.com/documents/configuration/active_directory.html) > about integration of AD and RADIUS but I still have some questions. Can > I use CHAP with SAMBA ntlm_auth method The web page lists what's possible. Using Samba won't help. > or should i need to change the > password encryption to another protocol such as PAP or MS-CHAP? If I > modify the coovachilli to send PAP passwords, am I going to be able to > use ldap for authorization and authentication or do I need just plain? You will be able to use LDAP is Chilli sends PAP requests. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
