EAP-TTLS and PEAP auth problem ... sorry!!
Alan DeKok
aland at ox.org
Sat Jul 9 07:11:38 CEST 2005
Gandalf the Gray <gtheg1 at yahoo.com> wrote:
> I would like to submit user and password to my LDAP
> server, and this one have to check the right
> relationship!
LDAP is a database, not an authentication server.
FreeRADIUS is an authentication server.
> Now: is it possible to tell MSCHAP to use LDAP or
> passwd file to authenticate the user?
> And, before this, is it possible to obtain the PW from
> the EAP challenge in order to submit it further?
No. It's impossible, and designed to be impossible.
Make the LDAP server return a clear-text, or NT-Password to
FreeRADIUS, and it will Just Work.
Any other combination is impossible.
Alan DeKok.
More information about the Freeradius-Users
mailing list