No, they are encrypted in the ldap database in md5 hash. I might be too old to do bleeding edge stuff like 3.0 RC1 I will take a look and a poke at it though. Thanks. -----Original Message----- From: freeradius-users-bounces+cswenson=curry.edu@lists.freeradius.org [mailto:freeradius-users-bounces+cswenson=curry.edu@lists.freeradius.org] On Behalf Of Arran Cudbard-Bell Sent: Monday, September 09, 2013 6:54 PM To: FreeRadius users mailing list Subject: Re: my Radius goal radius and openldap. On 9 Sep 2013, at 23:00, "Swenson, Chris" <cswenson@curry.edu> wrote:
I already have functioning openldap with SSL. (actually a neat little multi master setup.) I would like to get this radius to authenticate against the openldap.
You have plaintext passwords then?
I have dug around Google and found some useful looking pages, but I wonder if anybody has any hot tips on this so I don't feel like I am completely reinventing the wheel.
Use FreeRADIUS 3.0.0-rc1, the LDAP module is SIGNIFICANTLY better. For redundancy/resilience you can either just point the module at a round-robin FQDN, or set a comma delimited list of servers in the 'server' config item, libldap handles the failover. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS Development Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html