Passwords for PEAP from AD-based LDAP
Robert E. Toense
rtoense at nist.gov
Thu Jul 12 17:03:17 CEST 2007
This may be on the fringes of the scope of this group, but any pointers
would be appreciated.
I am attempting to setup EAP-PEAP authentication via FreeRadius and a
Windows-based LDAP backend. The users accounts are in AD. After making
it past a number of obstacles, I am communicating with the LDAP server,
but found that neither LM-Passwords nor NT-Passwords are loaded into the
LDAP. "Clear-text" is NOT an option, and is not available either,
anyway. This problem must have been encountered by others. Assuming
that it can be done, how do you get the password information out of AD
and into LDAP in an appropriate format?
Yes, I could use ntlm_auth and probably get it working, but this is
supposed to be LDAP-based, not SAMBA. The LDAP could move to a
different environment. Use of standards is important to us.
Thanks,
Robert Toense
More information about the Freeradius-Users
mailing list