PAP and NT-hashed password
Alan DeKok
aland at deployingradius.com
Wed Dec 31 14:34:10 CET 2014
On Dec 30, 2014, at 10:58 AM, sb <superabx at gmail.com> wrote:
> Thank you, Alan! I will try to upgrade to 2.2.6.
That’s really the best solution.
> Actually we have no userPassword field in LDAP, the string
The debug output shows you do. FreeRADIUS doesn’t *invent* a password.
> Possible I have to add {nt} prefix before the password?
>
> "checkItem User-Password {nt}sambaNtPassword" - that won't work?
No. The “userPassword” field in LDAP can contain passwords in many formats. In order to tell them apart, the contents of “userPassword” have a prefix added. The prefix says what format is used by the rest of the userPassword field. For NT passwords, it’s {nt}.
Alan DeKok.
More information about the Freeradius-Users
mailing list