FreeRadius + OpenLDAP (SMD5) + Windows XP

Mercier Romain romain.mercier at
Fri Feb 9 13:04:00 CET 2007

I read that future version 2.0 will support SMD5 with pap module.
Could it solve my problem ? When will it be released ?

Quoting Phil Mayers <p.mayers at>:

> Mercier Romain wrote:
>> Hi,
>> I got a simple question but I don?t find anything to answer it.
>> Situation:
>> I got a database OpenLDAP which contains users info, mainly ?uid? and
>> ?userPassword? crypt with SMD5 and I can?t modify this encryption
>> type. I want Wireless users to have to authenticate to access the WLAN
>> without installing anything on users' PC (mainly Windows XP PCs).
> That's impossible I'm afraid.
>> Question:
>> Does anybody know if there is a way to authenticate users using this
>> password ?
>> I tried using a clear-text password and that works but I cannot and
>> don't want to change userPassword encryption.
> Windows XP can only do:
>   EAP-TLS (using client and server X.509 certificates)
>   EAP-PEAP/MS-CHAPv2 (using server certs, and client username/password)
> To authenticate the MS-CHAP portion of the latter, FreeRadius must have
> either the plaintext password, the NT/LM hashes, or access to a domain
> controller via Samba and use of the ntlm_auth helper.
> If you don't want to install any software and don't have plaintext/NT/LM
> passwords, you're stuck.
> -
> List info/subscribe/unsubscribe? See   

More information about the Freeradius-Users mailing list