On 15/06/10 07:51, Alan DeKok wrote: > Neil Prockter wrote:w >> I want to authenticate users against Active Directory for EAP-MSCHAPv2 >> and PAP. PAP is for a wireless web authentication redirection service >> that authenticates using PAP and its PAP I'm trying to debug not MSCHAP >> at present. > > For that, you can configure Active Directory as an LDAP server. It > will be faster and more stable than using ntlm_auth. I've done that and PAP/LDAP has tested well. EAP-MSCHAPv2/ntlm_auth is not happy but I'll have more of a look before mailing about that.
Thanks Neil > >> I've been following >> http://deployingradius.com/documents/configuration/active_directory.html >> >> All goes well until I get towards the end. >> >> Once I remove >> DEFAULT Auth-Type = ntlm_auth >> from users PAP stops working > > If you *want* PAP to use ntlm_auth, then you need to leave that line > in. We recommend deleting it because most people want PAP to use > *another* way of authenticating. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/planningAndCorporatePolicy/legalandComplianceTeam/legal/disclaimer.htm - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
