Hello. Thanks for the answers. I got no AD integrated with LDAP. Is there any way i can convert an LDAP MD5/SHA hash to a NT hash password? Thanks! "Alan DeKok" <aland@deployingradius.com> escreveu:
uselessidbr wrote:
People, i've read a lot about the WIFI/AP authentication over Freeradius using LDAP but it seems i cannot make it work unless i use clear-text password or Nt/Lmpassword which as far as i know implies in Samba + LDAP integration.
http://deployingradius.com/documents/protocols/compatibility.html
Note it doesn't mention Samba. NT-Passwords are a password *format*. They can be stored anywhere.
My question is, is that really the only way to make freeradius authenticate users using a LDAP database?
Do i need to have samba + ldap to authenticate WIFI users using freeradius + LDAP with EAP-MSCHAPv2?
No. You need cleartext passwords, or NT passwords. Where they are stored is a completely separate question.
With my current configuration i was able to authenticate LDAP users with clear-text password but thats not i really want as a WIFI authentication solution. My goal is to use freeradius to authenticate WIFI users using a LDAP database and without the need of use a non-native Windows application.
You can do that. Only if you use the correct password format.
Here goes my debug using a encrypted user password (which fails):
It fails because you didn't tell the server what the correct password was.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Atenciosamente, _________________________________________________________ GUSTAVO VIEIRA OLIVEIRA Sistema FIESC Central de Serviços TIC TIC - Unidade Integrada de Tecnologia da Informação e Comunicação Rod. Admar Gonzaga, 2765 - Itacorubi - 2o Andar CEP 88034-001 - Florianópolis - SC Fone (48) 3231-4699 - Fax (48) 3231-4170 - Ramal 44699 e-mail: <a href="mailto:atendimento@tic.fiescnet.com.br">atendimento@tic.fiescnet.com.br</a>