Christophe Saillard <[EMAIL PROTECTED]> wrote: > Now I'd like to get credentials from an existing LDAP user storage instead > of the Freeradius "users" file
That shouldn't be a problem. > (I store MD5 hashed password to have PAP compatibility). That will make CHAP & MS-CHAP not work. > The Ldap bind is ok and I got correct uid and password when I launch > a 802.1X request from a laptop client. I'm not sure what you mean by that. > But there's some particular things I need to know : > - how do I have to store password in the LDAP database (because I'd like > to use TTLS/PAP) : crypt/MD5 hashed, clear text ? MD5 is fine if you're only doing PAP authentication. > - what do I have to put in the "users" file ? (I know that auth-type := > EAP is wrong) ? Don't put anything in the "users" file. > - if it's not possible to have TTLS/PAP authentication what can I do else > (PEAP/Mschapv2 ...) ? TTLS/PAP is possible. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
