| I solved my problem... for some reason PEAP only works with LDAP users if the following line is present in the peap section of eap.conf: copy_request_to_tunnel = yes
The default config from red hat ES4 doesn't have this line, not even as commentary....
Regards
On Sep 21, 2006, at 22:21, Francisco Castanheiro wrote: Hello,i'm using freeradius to do the auth on a wireless network. My users are in a Ldap directory that have both NT-Password and UserPassword, i use ldap to auth linux users and samba+ldap to auth windows users.
I have PEAP and ttls set up in my config and some test users with clear password in the users file, plus the ldap users. I have no problems with ttls auth, both with ldap and "local" test users, but i can't say the same about peap. When i try to use peap to auth a "local" user it goes fine, but when the user is a ldap one it just fails. I have the map between ldap and radius attributes setup. I think that my ldap NT hashes are correct because i can use them to auth my windows users with samba, but the only thing that i can see that differs from both the scenarios that i described is that ttls uses the "userpassword" attr and PEAP uses the NT-Password attr. And i know that peap works when the password is clear, because it works with the "local" test users.
Could some bad config do this behavior? Or could it be some problem with my version of freeradius and my NT hashes?
I'm out of ideas. If my config or logs help i can post them.
Thanks for any help.
Regards
--- Francisco Castanheiro Departamento de Informática Faculdade de Ciências e Tecnologia - UNL E-mail: [EMAIL PROTECTED]
-
--- Francisco Castanheiro Departamento de Informática Faculdade de Ciências e Tecnologia - UNL E-mail: [EMAIL PROTECTED]
|
PGP.sig
Description: This is a digitally signed message part
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
