Oracle LDAP and password
Alan DeKok
aland at deployingradius.com
Wed Dec 5 15:37:46 CET 2007
Fabio Pedretti wrote:
> I am using FreeRADIUS 1.1.7 and I want to authenticate my users against
> an Oracle LDAP. TTLS-PAP works fine, but I also need PEAP-MSCHAPv2, so I
> have to be able to read NT-LM password. I noticed that the Oracle LDAP
> server stores password in this format:
>
> authpassword;orclcommonpwd: {X- ORCLLMV}708090a0b0c0d0e0f000102030405060
> authpassword;orclcommonpwd: {X- ORCLNTV}000102030405060708090a0b0c0d0e0f
Ugh.
> I verified that the the LM and NT hashes match those needed by
> FreeRADIUS but hashes are after a special header ({X- ORCLLMV} or {X-
> ORCLNTV}) and all in the same attribute (authpassword;orclcommonpwd).
>
> Is it possible to configure FreeRADIUS to read the hashes in these format?
You'll have to edit the source code to rlm_pap. It should be
relatively easy.
Alan DeKok.
More information about the Freeradius-Users
mailing list