Rafał Kamiński wrote:
Phil Mayers napisał(a):Assuming you want the most common EAP type, PEAP/MS-CHAP, your LDAP server must contain the users plaintext password or NT/LM hash, and you must configure FreeRadius to extract this information and add it to the configure items for a given request.Hi, Can you tell me how configure FreeRadius to extract this information and add it to the configure items for request ?
You need the correct values in the "ldap.attrmap" file. The default file comes with (amongst other) mappings:
checkItem LM-Password lmPassword checkItem NT-Password ntPassword
A set clear password in ldap and still i have that in debug mode: Login incorrect: [rka/<no User-Password attribute>] - rka is my user BR,
You'll need to add the relevant mapping e.g. if your cleartext password is in "clearPassword" you would use:
checkItem User-Password clearPassword Modify as appropriate.