Aravind Arjunan wrote:
Radius(freeradius) server has configured and integrated with Openldap server for user authentication in RHEL 5. Using radtest, NTRadPing and Radiustest (Utility) it is working fine. I got Access-Acept by using this utility.
Yes. Because they're not doing EAP. They're doing clear-text passwords.
From the radius debug level log and slapd log i can able to see that it can able to fetch username and it was successful but in the case of userPassword authetication was getting failed.
You want to fetch the *password* from LDAP. Repeat after me: LDAP is a database. LDAP is not an authentication server.
How to send the User-Password in clear text format.?
You don't. Wireless access points don't work that way.
Is there any way to decrypt the userpassword in RADIUS server which was coming from access point.?
No.
here is the radius debug level log ... Processing the authorize section of radiusd.conf
You are running a very old version of the server. You should really upgrade.
users: Matched entry DEFAULT at line 157
Which sets Auth-Type := LDAP. This breaks EAP.
*rlm_ldap: - authenticate* *rlm_ldap: Attribute "User-Password" is required for authentication.*
Your LDAP database doesn't do EAP. This is because it's a database. (1) Do NOT set Auth-Type := LDAP (2) Test it with clear-text passwords. If that works, (3) EAP will work, too. And you should upgrade to 2.1.3. Alan DeKok.