radius + ldap + ntlm
James J J Hooper
jjj.hooper at bristol.ac.uk
Sun Oct 23 17:26:03 CEST 2011
On 23/10/2011 16:02, Andreas Rudat wrote:
> I understand it correctly, that I can't use peap + mschapv2 with ldap? Im realy confused atm, what I can realy use, everytime I think its fine, I found another unsecure thing :/
To use PEAP/MS-CHAPv2, LDAP has to provide FR with either a plain text
password, or the NTLM hash of the password.
If your LDAP directly has plain text passwords, or NTLM hashes, then you
can use it for authentication.
You can use LDAP for authorization in any case.
More information about the Freeradius-Users