LDAP MSCHAP error

Larry Ross lfross at ucdavis.edu
Mon Aug 24 20:25:55 CEST 2009


Also any ideas as to how I may insert the variable from perl would be nice.

-----Original Message-----
From: freeradius-users-bounces+lfross=ucdavis.edu at lists.freeradius.org [mailto:freeradius-users-bounces+lfross=ucdavis.edu at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Monday, August 24, 2009 11:03 AM
To: FreeRadius users mailing list
Subject: Re: LDAP MSCHAP error

Larry Ross wrote:
> LOL, K.  Just found it interesting that with so little data you were able to devine our schema.  The problem here is our LDAP tree will not or cannot change (political reasons... Long story sucks for me, but as they say wish in one hand and poop in the other, get back to me when you figure out which on fills first...)

  As I said... it's C programming 101.  It's trivial for anyone who's
spent 10 minutes with C.

> So yeah I am stuck with Binary NT hash's to use for MSCHAP auth. The odd thing is it works for 95% of our users, it seems there is a character combo that causes the truncation.

  Yes.  "00".  This is C 101.

> So I was thinking I would use a perl script (thank you rlm_perl, and PERL-LDAP modules) to perform the LDAP query and then convert the data to ASCII and insert the converted String Data into the NT-Password variable.

  That might work.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list