Freeradius + Fedora-DS + EAP-MSCHAPv2 for WIFI/AP authentication
GUSTAVO VIEIRA OLIVEIRA
gustavov at sc.senai.br
Tue Sep 20 17:03:11 CEST 2011
Hello.
Thanks for the answers.
I got no AD integrated with LDAP.
Is there any way i can convert an LDAP MD5/SHA hash to a NT hash password?
Thanks!
"Alan DeKok" <aland at deployingradius.com> escreveu:
> uselessidbr wrote:
>> People, i've read a lot about the WIFI/AP authentication over Freeradius
>> using LDAP but it seems i cannot make it work unless i use clear-text
>> password or Nt/Lmpassword which as far as i know implies in Samba + LDAP
>> integration.
>
> http://deployingradius.com/documents/protocols/compatibility.html
>
> Note it doesn't mention Samba. NT-Passwords are a password *format*.
> They can be stored anywhere.
>
>> My question is, is that really the only way to make freeradius
authenticate
>> users using a LDAP database?
>>
>> Do i need to have samba + ldap to authenticate WIFI users using
freeradius +
>> LDAP with EAP-MSCHAPv2?
>
> No. You need cleartext passwords, or NT passwords. Where they are
> stored is a completely separate question.
>
>> With my current configuration i was able to authenticate LDAP users with
>> clear-text password but thats not i really want as a WIFI authentication
>> solution. My goal is to use freeradius to authenticate WIFI users using a
>> LDAP database and without the need of use a non-native Windows
application.
>
> You can do that. Only if you use the correct password format.
>
>> Here goes my debug using a encrypted user password (which fails):
>
> It fails because you didn't tell the server what the correct password
was.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
--
Atenciosamente,
_________________________________________________________
GUSTAVO VIEIRA OLIVEIRA
Sistema FIESC
Central de Serviços TIC
TIC - Unidade Integrada de Tecnologia da Informação e Comunicação
Rod. Admar Gonzaga, 2765 - Itacorubi - 2o Andar
CEP 88034-001 - Florianópolis - SC
Fone (48) 3231-4699 - Fax (48) 3231-4170 - Ramal 44699
e-mail: <a
href="mailto:atendimento at tic.fiescnet.com.br">atendimento at tic.fiescnet.com.br</a>
More information about the Freeradius-Users
mailing list