an infamous LDAP-FreeRadius question

Matt Ashfield mda at
Tue Jul 11 13:24:22 CEST 2006

I have LDAP configured and can do a cleartext radius authentication using
username/passwords (using radtest). What I'd like to do is take the next
step and do 802.1x authentication for my windows clients and I suppose
that's where I was hoping to find some cleancut instructions on this as I've
seen quite a bit of threads concerning this but as mentioned in my initial
email, they can be tough to follow.


Matt Ashfield
mda at 

-----Original Message-----
From: aland at [mailto:aland at] 
Sent: July 10, 2006 4:51 PM
To: mda at; FreeRadius users mailing list
Subject: Re: an infamous LDAP-FreeRadius question

"Matt Ashfield" <mda at> wrote:
> What I didn't see (and I apologize if it's there) is if anyone
> has a HowTo or something similar on how to configure Freeradius for
> authentication against LDAP (not active directory) which has usernames and
> password stored on it in cleartext. Presumably I'd be using PEAP for this.

  The O'Reilly LDAP book has a good chapter on this.

  Other than that, just configure LDAP.  It should read the passwords
automatically (see ldap.attrmap).  If you can get CHAP to work against
LDAP, PEAP should follow immediately.

  Alan DeKok.

More information about the Freeradius-Users mailing list