EAP-TTLS with mschapv2 and edirectory

Peter Lambrechtsen plambrechtsen at gmail.com
Wed Sep 9 20:54:43 CEST 2009


On 9/09/2009, at 9:58 PM, "Ivan Kalik" <tnt at kalik.net> wrote:

>> Michael Fischer wrote:
>>> the strange thing is that I've never used anything else than  
>>> universal
>>> password and my universal password policy does allow the user to  
>>> read
>>> the password.
>
> Freeradius uses admin user account to retrieve the attributes. Can  
> that
> one retrieve the password?

That will be the problem. He will need to change the universal  
password policy to allow admin to retrieve password as well. And make  
sure the  user he uses in fr is a admin user.

>
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list