radius+ldap+peap

[Angelos Karageorgiou]

as a general rool of thumb ,always use clear text in the ldap databases
where you are trying to offer enhnanced password protection like 
cram-md5 even chap etc.

You need the original data to calculate the hashes from.


O/H Alan DeKok έγραψε:
> Arjuna Scagnetto wrote:
> ...
>   
>> PEAP with user whose password is in LDAP
>>     
> ...
>   
>> userPAssword: {SSHA}tymetcetcetc
>>     
>
>   This WILL NOT WORK.  See:
>
> http://deployingradius.com/documents/protocols/compatibility.html
>
>   use clear-text passwords in LDAP.  If you can't put clear-text
> passwords in LDAP, stop trying to use PEAP.
>
>   Alan DeKok.
>