<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Exchange Server">
<!-- converted from rtf -->
<style>.EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; }</style>
</head>
<body>
<font face="Calibri, sans-serif" size="2">
<div>Mike and Hugh,</div>
<div> </div>
<div> I need help with authenticating to Active Directory. I have tried the default AuthByLSA config and cannot seem to get it to authenticate to the domain. If I add a local user on the machine, it works fine.</div>
<div> </div>
<div>Radiator Version: 4.2</div>
<div>OS: Windows XP SP2 (fully patched)</div>
<div>Perl Version: Active State 5.8.8 (All necessary Radiator modules installed)</div>
<div>Laptop Client: Odyssey 4.51</div>
<div>Trying to: use AuthBy LSA along with PEAP and MSCHAP-V2</div>
<div> </div>
<div>Questions:</div>
<div> </div>
<ol style="margin-top: 0pt; margin-bottom: 0pt; margin-left: 36pt; ">
<li>Does the workstation/server Radiator resides on need to be part of the AD domain? I don’t think it does since Radiator can handle requests to multiple domains (or at least the documentation leads me to believe this).</li><li>Assuming we can get this working, does every possible domain user name need to reside in the users file? If not, is it sufficient to just have ‘anonymous Encrypted-Password=nevermatch (assuming we don’t do anything too fancy)?</li><li>Do the passwords need to be stored using reversible encryption if using MSCHAP-V2? </li><li>If a working solution is found can radpwtst be used to test? I tried testing with it earlier but there does not seem to be a place to put the outer ‘anonymous’ user name.</li></ol>
<div> </div>
<div> </div>
<div>Thanks,</div>
<div>Steve</div>
<div style="padding-left: 18pt; "> (Log file and radius.cfg attached)</div>
<div> </div>
<div> </div>
</font>
</body>
</html>