<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML xmlns="http://www.w3.org/TR/REC-html40" xmlns:v =
"urn:schemas-microsoft-com:vml" xmlns:o =
"urn:schemas-microsoft-com:office:office" xmlns:w =
"urn:schemas-microsoft-com:office:word"><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2722" name=GENERATOR><!--[if !mso]>
<STYLE>v\:* {
BEHAVIOR: url(#default#VML)
}
o\:* {
BEHAVIOR: url(#default#VML)
}
w\:* {
BEHAVIOR: url(#default#VML)
}
.shape {
BEHAVIOR: url(#default#VML)
}
</STYLE>
<![endif]-->
<STYLE>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:Arial;
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal;
font-family:Arial;
color:navy;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</STYLE>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></HEAD>
<BODY lang=EN-US vLink=purple link=blue bgColor=white>
<DIV>But in order to generate the hash, the radius server needs the clear-text
password. That is not possible to get from AD.</DIV>
<DIV>g-)</DIV>
<DIV>---- Original Message ----<BR>From: Chris St Denis<BR>To: 'Greger V.
Teigre' ; 'Jaroslaw Gawron' ; serusers@lists.iptel.org<BR>Sent: Tuesday, September 13,
2005 09:01 PM<BR>Subject: RE: [Serusers] SER + Windows Domain<BR><BR>> I
believe the radius server can do the digest work (query for the<BR>> username
and password, generate the hash, and compare the digest sent<BR>> from the
sip message. <BR>> <BR>> <BR>> <BR>> <BR>> From: Greger V.
Teigre [mailto:greger@teigre.com]<BR>> Sent: Tuesday, September 13, 2005
11:37 AM<BR>> To: Chris St Denis; 'Jaroslaw Gawron';
serusers@lists.iptel.org<BR>> Subject: Re: [Serusers] SER + Windows Domain<BR>>
<BR>> Are you sure? AD stores hashed passwords and the digest auth
method<BR>> must be implemented. Even though the radius server can
authenticate<BR>> against AD (normally through the LDAP interface), you
probably run<BR>> into problems due to the hash. Another option is using IAS
(Internet<BR>> Authentication Server), basically a simple RADIUS server
front-end to<BR>> AD. I don't know if IAS supports digest, but I wouldn't bet
on it. <BR>> g-)<BR>> ---- Original Message ----<BR>> From:
Chris St Denis<BR>> To: 'Jaroslaw Gawron' ; serusers@lists.iptel.org<BR>> Sent:
Tuesday, September 13, 2005 07:09 PM<BR>> Subject: RE: [Serusers] SER +
Windows Domain<BR>> <BR>>> You could do it with SER’s radius
authentication if you get a radius<BR>>> server that can interface with
windows active directory.<BR>>> <BR>>> I think FreeRadius can, but
I’ve never tried.<BR>>> <BR>>> <BR>>> <BR>>>
<BR>>> From: serusers-bounces@lists.iptel.org
[mailto:serusers-bounces@lists.iptel.org]<BR>>> On Behalf Of Jaroslaw
Gawron<BR>>> Sent: Tuesday, September 13, 2005 4:33 AM<BR>>> To:
serusers@lists.iptel.org<BR>>> Subject: [Serusers] SER + Windows
Domain<BR>>> <BR>>> Hi all<BR>>> <BR>>> Is there a way
to integrate sip authentication with Windows domain<BR>>> database -
to integrate function www_authorize with the Active<BR>>> Directory
?<BR>>> If anyone know how to solve this problem – any suggestions are
very<BR>>> welcome.<BR>>> Best regards,<BR>>> <BR>>>
Jaroslaw Gawron<BR>>> <BR>>> <BR>>> <BR>>>
_______________________________________________<BR>>> Serusers mailing
list<BR>>> serusers@lists.iptel.org<BR>>>
http://lists.iptel.org/mailman/listinfo/serusers</DIV></BODY></HTML>