Thanks for the link! BTW, I have nothing against SecureW2, but if we don't have to install an extra piece of software on 10,000 computers on campus, I'd like to avoid it! Matt -----Original Message----- From: Alan DeKok [mailto:aland@deployingradius.com] Sent: February 13, 2007 2:57 AM To: mda@unb.ca; FreeRadius users mailing list Subject: Re: EAP-PEAP/MS-ChapV2 password storing options Matt Ashfield wrote:
We're trying to implement username/password authentication and so far are using EAP-PAP (with secureW2 client) because our passwords are stored in LDAP in a 1-way encrypted hash.
What's EAP-PAP?
We're hoping to get away from this secureW2 implementation and would like to use Windows built-in authentication, which seems to be EAP-PEAP with MS-ChapV2 authentication.
What's wrong with SecureW2?
In order to get EAP-PEAP/MS-ChapV2 to work with FreeRadius, what are my options for storing the password in LDAP? Does it have to be clear-text?
http://deployingradius.com/documents/protocols/compatibility.html Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog