LDAP ntPassword and lmPassword help

tnt at kalik.net tnt at kalik.net
Thu Mar 19 20:17:49 CET 2009


>I have a LDAP server which contains ntPassword and lmPassword attributes
>like following:
>
>
>dn: uid=subs, ou=accounts, dc=test, dc=com
>uid: subs
>userPassword:: e01ENX03MmIwMTViNDhlOTU5ZTlkYWQ3MTAxNjNiYjJhZDkyMQ==
>mac: ""
>lmPassword: {ENC}9846B736BDDA9E7CAAD3B435B51404EE
>ntPassword: {ENC}22D6ADD4E9AD37B87B8EDB2C91E1EE67
>objectClass: objDevices
>objectClass: top
>
>
>FR 2.1.1 is configured for doing 802.1x authentication. While doing the
>authentication, I obviously get Invalid NT-Password and Invalid
>LM-Password error. The error stems from the fact that the length is
>incorrect because of the additional {ENC} prefix.
>
>Is there some configuration where I can set something so it ignores the
>initial {ENC} while doing the password comparison?
>
>I cannot get rid of the {ENC} prefix.
>

Rewrite NT-Password and LM-Password using unlang (or perl) after ldap in
authorize.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list