FreeRadius + OpenLDAP + MSCHAP2

SolidSystems | Alex Grigorescu Alex.Grigorescu at solidsystems.ro
Fri Feb 3 09:59:12 CET 2017


Hello

I am a system integrator that has just delivereded an Aruba WiFi solution to a customer.
They have an infrastructure that is based on a OpenLDAP server with more than 10k active users.
All the users have their passwords encripted using SSHA.

We are currently trying to help them implement an 802.1x WiFi access network and we are having problems with Microsoft clients connecting.

If we create a new user in the LDAP directory and store the password in Clear Text everything works fine.
But the goal is to be able to do user logins using the existing paswords without installing any 3rd party software on the clients (which is an impossible task).

Is there a way to make FreeRadius authenticate the users against OpenLDAP without having ClearText or NT Hash stored passwords?

Best regards,
Alex


  Ing. Alex GRIGORESCU
  Director Tehnic
  Solid Systems
  Brasov, 500059 Str. Lunga Nr. 200
  Phone: +40 (368) 80.80.00
  Fax: +40 (368) 80.20.80
  Mobile: +40 (772) 20.20.02
  E-mail: alex.grigorescu at solidsystems.ro<mailto:alex.grigorescu at solidsystems.ro>
  SolidSystems este marca inregistrata a SC Wi-Novation SRL Brasov

  [Description: Description: Description: Description: MCP(rgb)]
[Description: Description: Description: HP AIS]
Acest mesaj este adresat exclusiv destinatarului mentionat si poate contine informatii confidentiale si privilegiate. In cazul in care ati primit acest mesaj printr-o eroare, va rugam sa ne informati si sa il stergeti apoi din sistemul Dvs. SolidSystems nu este responsabila pentru eventualele pagube provocate de cunoasterea si/sau folosirea acestui mesaj de terti sau pentru destinatia eronata a mesajului

This message is exclusively directed to the above mentioned recipient and may contain confidential and privileged information. Should you receive this message by error we kindly ask you to delete this message immediately. SolidSystems is not liable for any damages resulting from the knowledge and/or manipulation of this message by third parties or from the misdirection of the message.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 2765 bytes
Desc: image001.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20170203/27050691/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 14677 bytes
Desc: image002.png
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20170203/27050691/attachment-0003.png>


More information about the Freeradius-Users mailing list