no i don't have AD.

in other word, i cannot use windows xp supplicant  EAP-MSCHAPv2 to make the authentication protocol to authenticate users in openldap database using ssha1 password, that's right? 

2010/3/15 Alan Buxey <A.L.M.Buxey@lboro.ac.uk>
Hi,

> how can i handle encrypted users's ldap password ?


depends what you want to do

read the docs and you will see what youc an do with what back-end eg

http://deployingradius.com/documents/protocols/compatibility.html

this shows that LDAP is just a basic store of info...you cannot do eg challenhe-response
with a basic store.  if you want to do that kind of fund and games with mschap then you need
to bind the FR server to eg AD and use the ntlm_auth method of getting people
authenticated. this is also well documented.

http://deployingradius.com/documents/configuration/active_directory.html

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html