PEAP/EAP-MSCHAPv2 with OpenLDAP
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Thu Aug 3 22:13:14 CEST 2017
>> It seems that FreeRadius interprets value in my custom LDAP attribute as
>> plain text not hex number.
>
> So... you created a custom LDAP attribute / schema, and are surprised that FreeRADIUS doesn't magically figure out what you mean?
Can't you feel the love!
>> LDAP attribute is type "text".
>>
>> Custom LDAP attribute contains text value E217DE3A51C1329B751A28B9792F42DB.
>
> Then pass that text value directly into the NT-Password attribute. It *will* work.
Not quite, still needs the 0x prefix to be treated as a hex string.
> If the hash you give above is 32 characters long, and FreeRADIUS expects a 32-character hash
*16 character.
I suppose we *could* add the auto-conversion heuristics to rlm_mschap. Anyone want to take that on? Copy paste code from rlm_pap?
-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20170803/99ff20fd/attachment.sig>
More information about the Freeradius-Users
mailing list