18 Jun
2010
18 Jun
'10
3:50 p.m.
Kyle Plimack wrote:
I added an entry to ldap.attrmap, “checkItem Cleartext-Password userPassword” The Password is not cleartext, but I read somewhere that radius is supposed to figure that out automatically from a header. This is what is returned:
rlm_ldap: userPassword -> Cleartext-Password == "{SSHA}xQjX16XbCUSXpiR2y****************"
It is impossible to do MS-CHAP with SSHA passwords. http://deployingradius.com/documents/protocols/compatibility.html Alan DeKok.