Alan - Thank you. Making the change to the inner-tunnel worked.
Regards CJ > Date: Thu, 13 Nov 2008 08:44:07 +0100 > From: [EMAIL PROTECTED] > To: [email protected] > Subject: Re: FreeRadius 2.1.1 - OpenLDAP + NT hash + PEAP > > CJ O wrote: > > Good Afternoon - > > > > I've read through a lot of threads and documents and have > > piced information together, however I am still having issues. We are > > running an OpenLDAP with the passwords encrypted. I know that PEAP > > requires the clear text password to be stored in the LDAP Server, > > No. See: > > http://deployingradius.com/documents/protocols/compatibility.html > > > however, I've read also that as long as FreeRadius can get the NTLM > > Password from LDAP PEAP should work. > > > > We have also created a custom attribute call ntPasswd that hold the NTLM > > Hash of the users password. I have configured FreeRadius to authenicate > > to the LDAP server and set the password_attribute = ntPasswd. In the > > ldap.attrmap I've added to entries checkItem LM-Password ntPasswd and > > checkItem NT-Password ntPasswd. > > > > In eap.conf i've set default_eap_type = peap In site-enable/default > > under authorize I've uncommented ldap. > > You need to uncomment it in raddb/sites-enabled/inner-tunnel. See the > debug output. It's running the inner-tunnel method, but LDAP isn't used > there. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
