freeradius-1.1.1 + mschap + ldap with encrypted password
Phil Mayers
p.mayers at imperial.ac.uk
Wed Aug 2 16:40:47 CEST 2006
wekz wrote:
> The problem now is that I have to authenticate doing peap against an
> ldap which has userpassword encrypted ( and is a point that I can't
> change unless it is impossible to do ).
Unless your password is encrypted as an NT or LM hash, it's impossible.
If your "LDAP server" is an AD server, it's impossible.
> correct me if I'm wrong ). My question is if there is anyway to make it
> work configuring ntlm_auth ?
If you have a domain controller, you can indeed use ntlm_auth - merely
install samba, configure it, join the domain and uncomment the ntlm_auth
line in the "mschap" module, modifying the configuration (CAREFULLY!) if
need be.
More information about the Freeradius-Users
mailing list