LDAP-Authentication based on CHAP

Kostas Kalevras kkalev at noc.ntua.gr
Tue Jun 6 11:37:21 CEST 2006


On Tue, 6 Jun 2006, Rainer Brinkmann wrote:

> Hello,
> despite the FAQ- Entry "How do I make CHAP work with LDAP?":
>
> can anybody tell us if its basically possible to run  a chap-Auth against an 
> LDAP?
> I know, that a specific LDAP-Service must be able to retrieve a user-Pwd and 
> often it cant, cause of the storage of the pwd as "one-directioned (hashed)". 
> So, only a "simple bind" is ok.
> But if LDAP can run a chap-based password-check by retrieving a password: is 
> the LDAP-Protocol (v3)  basically capable of doing this?

If clear text passwords are available and can be retrieved by the ldap store 
then yes. Otherwise no. The ldap protocol has nothing to do with all this. Its 
only a matter of password availability.

>
> Hamburg/Germany,
> Rainer Brinkmann 
> - List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
>

--
Kostas Kalevras		Network Operations Center
kkalev at noc.ntua.gr	National Technical University of Athens, Greece
Work Phone:		+30 210 7721861
'Go back to the shadow'	Gandalf



More information about the Freeradius-Users mailing list