[EMAIL PROTECTED] schrieb:
> That means if the LDAP Server would be somehow configured
> to send out the
> Attribute UserPassword in cleartext, it would work with
> MSCHAP?
Yes. If Radius gets the cleartext password from somewhere, it
can check if the MSCHAP stuff which the user did send is correct.
If it doesn't get the cleartext password, no check is possible.
> Is there definitely at use of MSCHAP no chance to get it
> work by Radius Server
> sends a bind message to LDAP Directory like i did
> successful in the log with
> radtest?
Binding to LDAP requires that the person/program sending
the bind message knows the cleartext password. You can't
obtain that from MSCHAP information, so there's no way
this can work.
HTH,
Stefan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
