ldap (sambaNtPassword) + peap-mschapV2 + freeradius : step by step question
FM
dist-list at LEXUM.UMontreal.CA
Wed Nov 19 19:52:53 CET 2008
Hello,
I am trying to add a Wifi AP (aironet 1250). I am trying to use
PEAP/MSCHAPV2 and SAMBA SambaNTpassword (LDAP Back-end).
I read a lot of the question about the subject on the ML and cannot
figure out all the steps. So here are all the steps I did :
On the AP : I configured our radius server as the server manager. It
thinks it is ok because the radius SRV receive request from it.
for the AP I added a entry in clients.conf :
client 192.168.4.8 {
ipaddr = 192.168.4.8
shortname = wifi01
secret = mypassword
}
I edited the /modules/ldap :
ldap {
server = "localhost"
identity = "cn=manager,dc=lan,dc=lexum,dc=pri"
password = manager_password
basedn = "dc=lan,dc=lexum,dc=pri"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
base_filter = "(objectclass=sambaSamAccount)"
password_attribute = NT-Password
I edited the ldap.attrmap (to map NT-Pasword to sambaNtPassword) :
#checkItem LM-Password lmPassword
#checkItem NT-Password ntPassword
checkItem LM-Password sambaLmPassword
checkItem NT-Password sambaNtPassword
I DID NOT touch radiusd.conf
I DID NOT touch /etc/raddb/sites-enabled/default
I know that I need to enable ldap somewhere but ... where :D
I will not post the result of -X because I know I need other config.
Regards,
FM
More information about the Freeradius-Users
mailing list