Alan, I didn't find any option for the mschapv2 problem in your web page. Unencrypt ldap passwords is not a smart solution.
It seems that windos xp client only accept mschapv2 or TLS to authenticate, if a use TLS, I cannot use ldap because only the client certificate is used to authenticate. In my network, I need to authenticate with the mail passwords stored in ldap. Server: red hat with freeradius Client: windows xp sp2 Protocols: PEAP + MSCHAPv2 + LDAP I don't use TLS because it only uses certificates to authenticate. Do you have any suggestion??? Alan DeKok <[EMAIL PROTECTED]> escreveu: Eduardo Lima wrote: > So I'll have to unencrypt all the ldap passwords to use mschapv2??? Yes. See the web page for your options. > What about the ldap database security?? The LDAP database has to be kept secure. Please go read the web page again. If you want to use MS-CHAP, your options are limited for how to store passwords. If you don't like those options, then don't use MS-CHAP. If you want to store passwords via a different method than is permitted in the table, AND you want to use MS-CHAP, then you need to change your requirements to match reality. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --------------------------------- Abra sua conta no Yahoo! Mail, o único sem limite de espaço para armazenamento!
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
