Dell PowerConnect W Clearpass 100 Software 3.7 Deployment Guide - Page 96

The number of seconds to wait for the LDAP query to finish. timelimit = 3 The number of seconds the LDAP server has to process the query (server-side time limit). net_timeout = 1 The number of seconds to wait for a response from the LDAP server (network failures). use_mppe = yes If this option is set to 'yes', MS-CHAP authentication will return the RADIUS attribute MS-CHAP-MPPEKeys for MS-CHAPv1, and MS-MPPE-Recv-Key/MS-MPPE-Send-Key for MS-CHAPv2. require_encryption = yes If 'use_mppe' is enabled, 'require_encryption' makes encryption moderate. require_strong = yes 'require_strong' always requires 128 bit encryption. with_ntdomain_hack = yes Windows sends the RADIUS server a username in the form of DOMAIN\user, but sends the challenge response based on only the user portion. Enable this option to handle this behavior correctly. ntlm_auth_domain = domain name Domain name to provide when performing an NTLM authentication; this is only required in certain circumstances-for example, authentication of users in a network using multiple domains and RADIUS servers. For additional settings, See "LDAP Module Configuration" in the Reference chapter. The LDAP module options that are described here. Note that to set an advanced option for an Active Directory external authentication server, specify the LDAP module option name without the "ldap." prefix. Configuring an LDAP External Authentication Server For LDAP external authentication servers, the following fields are displayed in the Edit Authentication Server form. 96 | RADIUS Services Amigopod 3.7 | Deployment Guide