-*Authenticate user directly against LDAP server if LDAP server has readable attribute containing the MD4 hash of the user's password.
*Microsoft Active Directory does NOT have a readable attribute containing the MD4 hash of the users password and therefore authenticating directly against MS AD is NOT supported. Use IAS or NPS with MS AD.
-Leverages certificate already installed on BSC.
-Allows you to support 802.1X authentication without deploying a RADIUS server(Local User DB/LDAP) or with a RADIUS server that doesn't support EAP.