MSCHAPv2 fails to authenticate against OpenDirectory with error 5100 (0x13ec)

[Alan Egerton]

On Wednesday, 10 June 2015, Alan DeKok <aland at deployingradius.com> wrote:
>
>   Honestly, the best approach is to use OpenDirectory as an LDAP server.
> Ignore the OpenDirectory API.  Just let FreeRADIUS grab the password from
> LDAP, and then use that to authenticate.
>

I'm pretty sure that Open Directory only stores password hashes, so the
plaintext won't be available over LDAP...

Perhaps EAP/PAP is the only option?

Alan

>

-- 
-- Alan