Am 23.10.2011 17:48, schrieb Andreas Rudat:
Am 23.10.2011 17:26, schrieb James J J Hooper:
On 23/10/2011 16:02, Andreas Rudat wrote:
Hello,
I understand it correctly, that I can't use peap + mschapv2 with ldap? Im realy confused atm, what I can realy use, everytime I think its fine, I found another unsecure thing :/ To use PEAP/MS-CHAPv2, LDAP has to provide FR with either a plain text password, or the NTLM hash of the password.
If your LDAP directly has plain text passwords, or NTLM hashes, then you can use it for authentication.
You can use LDAP for authorization in any case.
Regards, James - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ok, thank you. For further things I think I have to configure the ldap modul for that, right?
Thanks Andreas
another problem, I tried to test the connection with ntlm_auth --request-nt-key --domain=foo.bar --username=test --password=test and get the message NT_STATUS_INVALID_HANDLE: Invalid handle (0xc0000008) is it perhaps a problem with samba? I'm using 3.4.14, same with wbinfo my smb.conf [global] workgroup = foo.bar security = server password server = bar.foo.bar wins server = bar.foo.bar on my samba+ldap machine wbinfo and ntml_auth are working fine. Thanks