freeradius 3 + OPENLDAP
Matthew Newton
mcn at freeradius.org
Wed Nov 14 17:28:34 CET 2018
On Wed, 2018-11-14 at 18:21 +0200, Eyal Zarchi wrote:
> (0) ldap: control:Password-With-Header +=
> '{SSHA}qGc3M+tIwC6k+IzrF9ELgbC9WcEKjFNK'
...
> (0) mschap: WARNING: No Cleartext-Password configured. Cannot create
> NT-Password
>
> (0) mschap: WARNING: No Cleartext-Password configured. Cannot create
> LM-Password
>
> (0) mschap: Client is using MS-CHAPv1 with NT-Password
>
> (0) mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform
> authentication
Password in LDAP needs to be an NT hash or cleartext.
SSHA won't work with MSCHAP.
See http://deployingradius.com/documents/protocols/compatibility.html
--
Matthew
More information about the Freeradius-Users
mailing list