29 Mar
2018
29 Mar
'18
7:58 a.m.
On Mar 29, 2018, at 3:51 AM, Robert Plestenjak <robert.plestenjak@xlab.si> wrote:
In LDAP I have LM hashed passwords (LM-Password) and radtest with PAP auth metod is successful, but when I switch to MSCHAP it fails.
So the problem is probably that clients (radtest, ...) sends NTLM hashes (NT-Password)?
Yes. You should NEVER us LM hashes for ANYTHING. They were insecure, and deprecated 20 years ago. Delete all LM hashes from your database, and you will be better off. Alan DeKok.