James McOrmond wrote: > This is a Samba NT domain, not AD. I do not have access to the plain > text password through Samba or LDAP.
Samba is a lot friendlier about passwords than AD is. > The "Protocol and Password Compatibility" chart and the "Authenticaiton > Systems and Password Compatibility" chart from the "Deploying RADIUS: > The Book" page specifically says PAP/ntlm_auth is functional. Regular > CHAP is not because it requires the clear-text password. The issue is convincing the database to give FreeRADIUS *something* to use for authetnication. The web page lists ntlm_auth only because of AD limitations. With Samba, you just map the LDAP "ntpasswd" or "sambantpasswd" attribute to the RADIUS attribute. See ldap.attrmap. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html