Selon Paul Bender <[EMAIL PROTECTED]>:
Yes, the passwords are stored. Only the NT-Password is used for the PEAP/EAP-MSCHAP-V2 authentication. If you use the LDAP schema provided with Samba version 3, then the LM-Password is sambaLMPassword and the NT-Password is sambaNTPassword. If you use this schema, then you will need the adjust the mapping in FreeRADIUS's ldap.attrmap file, because the file is configured to map the attributes from the Samba version 2 LDAP schema.
Hi,
I got a Samba v2 schema, everything working fine with that, but i don't have any "0x" in front of the hashed ntPassword. In the radiusd.conf it's said it won't work without the 0x ... but when i try to manually add it to the password so i have a real length of 32, of course i can't log in anymore ... would you have any idea of where the problem reside ?
When you say that you manually add the hashed NT password to LDAP, how did you create it?
I do not know what the warning in the radiusd.conf file about needed "0x" in front of the hashed NT password means. It has never impacted me.
I am running Samba 3.0.3 (the one the ships with Fedora Core 2) with its password backend configured to be LDAP. I use smbpasswd to set the passwords. When I look at the passwords in the LDAP database, I do not see a "0x" in front of the hashed NT password. However, my users are able to authenticate using PEAP / EAP-MS-CHAPV2.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
