Hi, > I guess the obvious question is why can't the Radius server simply perform > a bind attempt to the LDAP server during authentication, as opposed to > trying to compare the password received by the authenticator to the ssha-1 > password stored in ldap?
I guess the obvious answer is that it can only bind if it has the user's password. When using MS-CHAP the password is already hashed when the server gets it, so how could he possibly perform the bind operation? Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: [EMAIL PROTECTED] Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
pgpqzLPS3PCZ9.pgp
Description: PGP signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
