Connecting freeRadius to openLDAP
Eric Bourkland
eric.bourkland at trustedconcepts.com
Tue Jul 21 18:47:38 CEST 2009
Yes, I am trying to do MSCHAPv2 from the laptop.
If the below is true why am I able to do a successful Radtest user password server 0 secret on the radius server?
I believe the password is plain text but I'm not 100% positive, I am able to connect other software such as Confluence to it with open passwords.
Thanks,
----- Original Message -----
From: "Phil Mayers" <p.mayers at imperial.ac.uk>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Tuesday, July 21, 2009 12:35:42 PM GMT -05:00 US/Canada Eastern
Subject: Re: Connecting freeRadius to openLDAP
Eric Bourkland wrote:
> I can attach any of my config files but what I have done is rebuilt a
> whole new server RHEL4.7-ES, with freeRadius v2.1.6 installed. with
In all probability, your LDAP database either:
1. Does not contain the plaintext password, or NT/LM hash.
2. Does not give the plaintext password or NT/LM hash to FreeRadius
because of LDAP ACLs.
...and you are trying to do PEAP/MSCHAPv2. If so, you need to correct
this, because PEAP/MSCHAPv2 requires either:
1. FreeRadius have the plaintext password
2. FreeRadius have the NT/LM hash
3. FreeRadius be able to call an RPC on a domain controller (via the
"ntlm_auth" helper config option on the "mschap" module)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list