EAP-TTLS with mschapv2 and edirectory

Peter Lambrechtsen plambrechtsen at gmail.com
Tue Sep 8 22:02:52 CEST 2009

On 9/09/2009, at 2:43 AM, Alan DeKok <aland at deployingradius.com> wrote:

> Michael Fischer wrote:
>> I'm trying to set up 802.1x authentication on my Enterasys  
>> AccessPoints
>> using freeradius and eDirectory.
>> Freeradius and eDirectory work like a charm when I use it for Cisco- 
>> VPN
>> authentication.
>  Which is likely PAP (i.e. clear-text password).
>> rlm_ldap: Error reading Universal Password.Return Code = -1635
>  Go fix that.
>  eDirectory isn't returning the password.  Therefore, FreeRADIUS
> doesn't have it, and cannot authenticate anyone.

Turn on universal password and allow user to retrieve password in your  
universal password policy.
Then reset their password using imanager or via ldap and try again.

>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list