Yet Another PEAP-MSCHAPV2 problem
michael at stroeder.com
Tue Sep 22 08:17:14 CEST 2015
Alex Moen wrote:
> Now I just have to figure out why I can't authenticate. I know one of the
> differences between the "branches" of the directory tree, is that the
> incorrect one is using Crypt passwords, and the correct one is using SSHA
> passwords. Seems that the SSHA passwords are not working while the Crypt
> passwords do.
Maybe you're misinterpreting your test results:
AFAIK MS-CHAPv2 works with NT password hash (LDAP attribute sambaNTPassword).
It cannot work with any hashed LDAP userPassword value.
Check first whether userPassword and sambaNTPassword are "in sync" (hashes
derived from the same clear-text password).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4245 bytes
Desc: S/MIME Cryptographic Signature
More information about the Freeradius-Users