Freeradius2 + LDAP of Lotus Notes

Fajar A. Nugraha fajar at fajar.net
Fri Aug 13 11:01:17 CEST 2010


On Fri, Aug 13, 2010 at 3:36 PM, rrperez <rrperez at apc.edu.ph> wrote:

>
> I have configured the /etc/raddb/modules/ldap and added an identity
> (although
> I don't if it works), but still it can't find a password for the user.
>
>

> I guess rlm_ldap can't find a password attribute on the ldap of Lotus
> Notes.
>


Because there's no attribute in Lotus Domino's schema that has stores plain,
unencrypted user password.

A similar case is when you want to use Active Directory. You can't use
rlm_ldap directly because AD does not give away plain, unencrypted user
password, so you need  a workaround using Samba. No such workaround exists
for Lotus Domino though.

That's how some company make money btw, selling a combination of "access
control" appliance and client for Windows, which basically (in this purpose)
allows Windows to use PEAP-GTC.

There's some free wpa supplicant client for Windows which allows you to use
PEAP-GTC (use at your own risk):
http://open1x.sourceforge.net/
http://hostap.epitest.fi/gitweb/gitweb.cgi?p=hostap.git;a=blob_plain;f=wpa_supplicant/README-Windows.txt

-- 
Fajar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100813/1db4cd3f/attachment.html>


More information about the Freeradius-Users mailing list