"Woods, Bryan" <[EMAIL PROTECTED]> wrote: > As I understand it, the NT-hashed passwords should work > for LEAP: ...
Yes. I've used it, and it works. > rlm_ldap: Adding ntpassword as NT-Password, value > 8846F7EAEE8FB117AD06BDD830B7586C & op=21 Which won't work. See src/modules/rlm_eap/types/eap_leap.c, function eapleap_ntpwdhash(). Add a '0x' to the start of the NT password hash in the LDAP database. This was mentioned on the list within the last month, from what I recall. The issue is that the NT-Password attribute is of type 'octets', which requires a '0x' to start off the string. If it doesn't see that, it assumes that the data is a double-quoted string, and it uses that verbatim. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
