Connecting freeRadius to openLDAP

Ivan Kalik tnt at kalik.net
Wed Jul 22 00:51:45 CEST 2009


> See if there is a way to somehow get an innter tunnel to use ttls/pap to
> connect to the ldap server and perfrom authentication that way since it
> appears that PAP authentication does work.  But I don't know if there can
> be a change in crypt for the authentication from the client which uses
> MSCHAPv2/PEAP and PAP.

You can't switch from peap to eap-ttls/pap half way through. If you need
eap-ttls/pap client for Windows look at SecureW2.

> and lastly is to see if I can add NT/LM tags to my ldap server.  I haven't
> been able to find what is the best option or how to do any of the above
> just yet.

doc/examples/openldap.schema

> I thought that what I am trying to do is pretty straight forward but it
> doesn't seem to be that way.

It is. Just let radius server know what is the password. It has hard time
authenticating users without one.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list