We currently have an 802.1X environment using PEAP/MSCHAPv2 to Steel-Belted radius. SBR queries SQL for user credential validation. We are (thankfully) migrating away from SQL to an Active Directory solution. I have been told by Juniper that we will be unable to search/query for additional attributes in AD since we are using MSCHAPv2; I'm told that PAP (clear text passwords) must be used in order to use the ldap auth to BIND to AD.
Being that we need to be able to query for additional attributes, I am inquiring what other institutions are doing. If you are using both PEAP/MSCHAPv2 and Active Directory, I would appreciate you taking a moment to share how you are set up. Feel free to respond off list as well. Many thanks! ========== Ryan Holland Network Engineer, Wireless Office of the Chief Information Officer The Ohio State University 614-292-9906 holland....@osu.edu ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
