Adel Abouchaev <[EMAIL PROTECTED]> wrote: > I have Cisco 6513 doing 802.1X port based authentication. Clients > are 2000 SP4 and XP SP1 Professional. We are using only > host based authentication, user authentication is prohibited by > configuration ( AuthenticationMode=2, SupplicantMode=3 ). Host will > authenticate > with it's Microsoft Windows 2000 based Active Directory computer > account. Credentials are sent from the host using Protected EAP (PEAP), > with MS-CHAP2 credentials furthermore. Radius server then sends this > information to AD, verifies that computer account is there and MD5 matches,
This doesn't work, because AD won't supply the relevant information. Use ntlm_auth. See the 1.0.0 release (radiusd.conf) for details. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
