radius + ldap + ntlm

James J J Hooper jjj.hooper at bristol.ac.uk
Sun Oct 23 17:26:03 CEST 2011


On 23/10/2011 16:02, Andreas Rudat wrote:
>
> Hello,
>
> I understand it correctly, that I can't use peap + mschapv2 with ldap? Im realy confused atm, what I can realy use, everytime I think its fine, I found another unsecure thing :/

To use PEAP/MS-CHAPv2, LDAP has to provide FR with either a plain text 
password, or the NTLM hash of the password.

If your LDAP directly has plain text passwords, or NTLM hashes, then you 
can use it for authentication.

You can use LDAP for authorization in any case.

Regards,
   James



More information about the Freeradius-Users mailing list