On 26 Mar 2013, at 15:47, Alan DeKok <al...@deployingradius.com> wrote:
> Alex Sharaz wrote: >> o.k. many thanks for this phil. I'll probably have a bash at this but, as >> I've done it before, just setting up radiator as something that just says >> yes/no sounds a lot easier :-)) > > I doubt it. > Actually I found the way Radiator worked simpler than getting to grips with FreeRadius, but then again that's probably because it was the 1st one I tried :-)) . Running Radiator just to auth users against AD and send back an access-accept/access-reject packet was fairly simple once you set up ActivePerl. > The problem is with AD, not with any RADIUS server. And that the > ntlmv2 protocol is *completely* different than the ntlmv1 protocol. > o.k. fair enough. > Don't blame the messenger. FreeRADIUS is the victim of the changed AD > policies, and the limitations of ntlmv2. Switching to another RADIUS > server won't help. > > Unless it's NPS, which uses the AD replication protocols to bypass > ntlm entirely. Well, I was running Radiator for a couple of years authenticating users against AD. ( sent out a snippet from the Radiator manual in another message) so I guess it wasn't using ntlm. but, from the point of view of getting the job done, it did work. Rgds Alex > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html