freeradius-1.1.1 + mschap + ldap with encrypted password
wekz
fbl.list at gmail.com
Wed Aug 2 17:33:58 CEST 2006
Ok that's what I imagined. There's no domain controller involved and no AD
so I can't use peap. Maybe pap.
Thanks Phil.
2006/8/2, Phil Mayers <p.mayers at imperial.ac.uk >:
>
> wekz wrote:
>
> > The problem now is that I have to authenticate doing peap against an
> > ldap which has userpassword encrypted ( and is a point that I can't
> > change unless it is impossible to do ).
>
> Unless your password is encrypted as an NT or LM hash, it's impossible.
> If your "LDAP server" is an AD server, it's impossible.
>
> > correct me if I'm wrong ). My question is if there is anyway to make it
> > work configuring ntlm_auth ?
>
> If you have a domain controller, you can indeed use ntlm_auth - merely
> install samba, configure it, join the domain and uncomment the ntlm_auth
> line in the "mschap" module, modifying the configuration (CAREFULLY!) if
> need be.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060802/cc07a202/attachment.html>
More information about the Freeradius-Users
mailing list