cisco WAP/FreeRadius/OpenLDAP

Fajar A. Nugraha list at
Fri Oct 28 00:43:39 CEST 2011

On Fri, Oct 28, 2011 at 4:32 AM, Matthew Arguin
<matt.arguin at> wrote:
> Thanks Phil.  question on that.  in the deployment of ldap that we have in
> place the users password attribute is 'userPassword'.  looking at the ldap
> attribute file and various online results, is the authentication looking for
> ntPassword for that ldap attribute as opposed to the userPassword one that i
> have?

Simple question: do you have eiter plain-text (i.e. unencrypted)
password, or nt-hash password stored in your LDAP?

If yes, it's simply a matter of picking the correct attribute (which
is what ldap.atrrmap is for).

If no (e.g. it's encrypted) do you know what encryption/hash it uses?
Some password hash is supported by FR (e.g. unix crypt), while others
(e.g. the one used by Lotus Domino) can't be used.


More information about the Freeradius-Users mailing list