802.1x with mschap-radius-ldap with ssha-1 passwords

[Alan DeKok]

"Matt Ashfield" <mda at unb.ca> wrote:
> I guess the obvious question is why can't the Radius server simply perform a
> bind attempt to the LDAP server during authentication, as opposed to trying
> to compare the password received by the authenticator to the ssha-1 password
> stored in ldap?

  a) you stumbled on something that no one else in the world figured out

  b) your assumptions are incorrect, and my original response is correct.

  Choose one.

  Alan DeKok.