PEAP w/ freeradius to LDAP storing ntPassword
schilling
schilling2006 at gmail.com
Wed Oct 6 20:00:02 CEST 2010
Hi All,
We are trying to use ldap as backend database for dot1x peap
authentication thru freeradius. The following link has good
explanation.
http://vuksan.com/linux/dot1x/802-1x-LDAP.html
But do we really need both ntpassword and lmpassword in the ldap directory?
How the process work regarding ntpassword authentication. Is the
following sequence in the right direction?
windows client send username and ntpassword to NAS
NAS send the username/ntpassword to radius in a tunnel
radius unwrap the tunnel, using the username to fetch the ntpassword
from ldap, do a comparison of ldap returned ntpassword and unwrapped
ntpassword, if they are the same, authentication accept.
Thanks,
Schilling
More information about the Freeradius-Users
mailing list