PEAP LDAP password problem

Alexey Eronko alexey.eronko at gmail.com
Tue Feb 26 15:30:07 CET 2008


Thank you for detailed explanation.

I'll try to reenter all users password in NTpassword attribute. 
Could someone give me link to appoporate openldap guide.

Where I can find howto do MAC filtering on Freeradius?

Thank you


-----Original Message-----
From: freeradius-users-bounces+alexey.eronko=gmail.com at lists.freeradius.org
[mailto:freeradius-users-bounces+alexey.eronko=gmail.com at lists.freeradius.or
g] On Behalf Of Alan DeKok
Sent: Tuesday, February 26, 2008 2:10 PM
To: FreeRadius users mailing list
Subject: Re: PEAP LDAP password problem

Alexey Eronko wrote:
> I have huge problem that I need to ask 200 users to reenter there
passwords
> in OpenLDAP.

  Then I guess you're not going to deploy PEAP.

> Another problem is that I'm not sure that I can store two kind of password
> simultaneously(nt and crypt).

  Yes, you can.  They can go into two separate fields in LDAP.

> Maybe someone know how to convert ldap passwords to nt hash? :) or I need
to
> reenter all passwords.

  You need to re-enter all of the passwords.  OR convince the Windows
users to install a supplicant such as SecureW2.

> [AE:]  The point is that my 200 users already have windows(active
directory)
> accounts and they know password.

  <sigh>  If you had said this at the start, it would have simplified it
a lot.

  Go read the Wiki for how to configure FreeRADIUS to authenticate PAP
against AD.  Or, see my web site.  There are examples there, too.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list