802.1x with mschap-radius-ldap with ssha-1 passwords

Alan DeKok aland at nitros9.org
Tue Jul 18 18:57:51 CEST 2006


"Matt Ashfield" <mda at unb.ca> wrote:
> I guess the obvious question is why can't the Radius server simply perform a
> bind attempt to the LDAP server during authentication, as opposed to trying
> to compare the password received by the authenticator to the ssha-1 password
> stored in ldap?

  a) you stumbled on something that no one else in the world figured out

  b) your assumptions are incorrect, and my original response is correct.

  Choose one.

  Alan DeKok.



More information about the Freeradius-Users mailing list