18 May
2007
18 May
'07
8:32 a.m.
as a general rool of thumb ,always use clear text in the ldap databases where you are trying to offer enhnanced password protection like cram-md5 even chap etc. You need the original data to calculate the hashes from. O/H Alan DeKok έγραψε:
Arjuna Scagnetto wrote: ...
PEAP with user whose password is in LDAP
...
userPAssword: {SSHA}tymetcetcetc
This WILL NOT WORK. See:
http://deployingradius.com/documents/protocols/compatibility.html
use clear-text passwords in LDAP. If you can't put clear-text passwords in LDAP, stop trying to use PEAP.
Alan DeKok.