Miriam Benham <[EMAIL PROTECTED]> wrote: > PAP works great with my existing NT domain authentication configuration, > but if I use CHAP it fails. I've read that I have to create users > credentials on the freeradius server if I want to use CHAP.
That's not true. PAP is fine. As for why CHAP fails, see the FAQ. The problem with SMB authentication is exactly the same as for Unix authentication against /etc/passwd > Question: Is there anyway around the username/password duplication on > the freeradius server. Is there any way to have the password encrypted > through the phone line (using CHAP) and get authenticated by the NT > domain server without using "password in the clear" PAP. No. See the FAQ. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
