FreeRADIUS + OpenLDAP + MSCHAPv2
Kenneth Marshall
ktm at rice.edu
Tue Nov 18 22:35:57 CET 2008
See:
http://deployingradius.com/documents/protocols/oracles.html
Ken
On Tue, Nov 18, 2008 at 01:29:48PM -0800, Tim Gustafson wrote:
> Ok, I've upgraded to FreeRADIUS 2.0.5 on a FreeBSD box (the FreeBSD ports is more up-to-date than the CentOS Yum repositories apparently).
>
> However, upon reading the documentation in modules/ldap, I see this:
>
> # However, LDAP can be used for authentication ONLY when the
> # Access-Request packet contains a clear-text User-Password
> # attribute. LDAP authentication will NOT work for any other
> # authentication method.
> #
> # This means that LDAP servers don't understand EAP. If you
> # force "Auth-Type = LDAP", and then send the server a
> # request containing EAP authentication, then authentication
> # WILL NOT WORK.
>
> So, does this mean that you can't do MSCHAPv2 against an LDAP server, or am I missing something again?
>
> Tim Gustafson
> SOE Webmaster
> UC Santa Cruz
> tjg at soe.ucsc.edu
> 831-459-5354
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list