Greetings, I have poked about on google and read several how to's. Is it possible using any authentication module ( rlm_pam,rlm_ldap...) To authenticate a connection from a client using CHAP or MS-CHAP to an Active Directory Server (TM) *cough*.
I can authenticate just fine with cleartext to the radius server using PAM---Winbind -->ADS Gives the same error as below LDAP -->ADS Error: User-Password is Required for authentication. Cannot use "CHAP-Password" Looking at the debug output I see the request with the CHAP-Password. I am now thoroughly confused. I had this working with a mirapoint (LDAP server), Any ideas on getting chap-pap authentication working against an ADS server. To Summarize: 1) What should the users file contain? 2) Which is a better way to authenticate? ldap,PAM-->Winbind? 3) Can I use the ntlm_auth line with the chap 4) I have read about peap and eap. Perhaps this would work? 5) Is there a good freeradius book you would recommend? Heck, I'll even volunteer to write a howto on it! (I write heaps of documentation). What I am trying to avoid is having password transmitted clear text over the network. Is there perhaps a better Solution? Thanks! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html