VS: VS: Chap auhtentication against LDAP
Ville Leinonen
ville.leinonen at solodel.com
Sun Apr 5 16:47:50 CEST 2009
Hi,
Thank you for this reply. Well then i do some scripting and pull
userinfo inside ldap and export it to my radsrv.
Br,
Ville
-----Alkuperäinen viesti-----
Lähettäjä: freeradius-users-bounces+ville.leinonen=solodel.com at lists.freeradius.org puolesta: Alan DeKok
Lähetetty: su 5.4.2009 16:16
Vastaanottaja: FreeRadius users mailing list
Aihe: Re: VS: Chap auhtentication against LDAP
Ville Leinonen wrote:
> So i cannot do this about using freeradius, but i can make it
> using IAS (see link)?
No. You seemed to have misunderstood my response. Let me say it a
different way:
LDAP servers cannot do CHAP authentication.
Why?
Because LDAP servers are *DATABASES*.
LDAP servers are not *authentication* servers.
FreeRADIUS is an *AUTHENTICATION* server.
Configure FreeRADIUS so that it pulls the clear-text password from
LDAP. FreeRADIUS will then do CHAP authentication.
If you don't have a clear-text password in LDAP, then doing CHAP
authentication is impossible. It is impossible with FreeRADIUS, IAS,
Cisco ACS, Juniper SBR, Radiator, and also with every other RADIUS
server on the planet.
And go read my web page:
http://deployingradius.com/documents/protocols/compatibility.html
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 3497 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090405/e1530fc6/attachment.bin>
More information about the Freeradius-Users
mailing list