Oracle LDAP and password

Fabio Pedretti fabio.pedretti at
Wed Dec 5 15:19:13 CET 2007

I am using FreeRADIUS 1.1.7 and I want to authenticate my users against an Oracle LDAP. TTLS-PAP works fine, but I also need PEAP-MSCHAPv2, so I have to be able to read NT-LM password. I noticed that the Oracle LDAP server stores password in this format:

authpassword;orclcommonpwd: {X- ORCLLMV}708090a0b0c0d0e0f000102030405060
authpassword;orclcommonpwd: {X- ORCLNTV}000102030405060708090a0b0c0d0e0f

I verified that the the LM and NT hashes match those needed by FreeRADIUS but  hashes are after a special header ({X- ORCLLMV} or {X- ORCLNTV}) and all in the same attribute (authpassword;orclcommonpwd).

Is it possible to configure FreeRADIUS to read the hashes in these format?


More information about the Freeradius-Users mailing list