11 Feb
2011
11 Feb
'11
3:31 p.m.
Gary Gatten wrote:
You forced ALL Authentication requests to use LDAP. EAP / LDAP don't play well together. Remove the "Auth Type LDAP" - for now.
If I remove that the radtest failed for a LDAP-User. It returns a rejected Message.
As for accomplishing your goal, unfortunately others will have to help you with that - I don't know FR/LDAP/EAP well enough. But, I don't THINK you can authenticate EAP requests against LDAP directly because of the "no clear text password" issue.
How else would you authenticate a WPA(2)-Enterprise with Radius using LDAP-Accounts?