Freeradius with LDAPS + mschap
Matthew Newton
mcn at freeradius.org
Thu Jan 23 13:15:02 CET 2020
On Thu, 2020-01-23 at 12:12 +0800, Andrew Nicols via Freeradius-Users
wrote:
> (27) ldap: Processing user attributes
> (27) ldap: control:Cleartext-Password :=
> '{SSHA}XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
Password is in SSHA format. (Note this should be in the Password-With-
Header attribute, it's not a cleartext password.)
SSHA isn't compatible with mschap. You need cleartext passwords (or NT
hash).
http://deployingradius.com/documents/protocols/compatibility.html
--
Matthew
More information about the Freeradius-Users
mailing list