Hi all, I searched archives and most of doc directoy of freeradius, but couldn`t find the answer.
Wat I want to achive - I want to have user authentication LDAP server with ntpassord/lmpassword for PEAP-MSCHAPv2 and have MD5 userpassword attribute in LDAP for all the other authentication services we want to provide (vpn dialin , etc ... ) I have read that I have to map radius-userpassord to LDAP password attribute, so my question is, is there any way to configure freeradius to check against first against ntpassword and if this fails to check again against userpassord attribute of LDAP ? or do you recommend any other solution for this (maybe something based on huntgroup) ? I have seen a thread that different LDAP servers could be selected based on the NAS IP address, is it also possible to have different attribute mappings between LDAP and Freeradius based on NAS IP Address or any other attriute in Access-Request ? I know simplest solution would be to have clear-text passords in userpassword of LDAP, but I think from a security point of view we won`t go this way. So any hints would be great regards Michael -- +++ GMX DSL Premiumtarife 3 Monate gratis* + WLAN-Router 0,- EUR* +++ Clevere DSL-Nutzer wechseln jetzt zu GMX: http://www.gmx.net/de/go/dsl - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
