this is great, i will search. Enviado via iPhone
Em 11/02/2011, às 19:04, schilling <[email protected]> escreveu: > If you want to use ldap as authentication source, either you have > plaintext password in ldap or ntPassword hash stored in ldap. You can > search the list of my name, I just got both eap/peap against Active > Directory w/ ntlm_auth and against ldap w/ ntPassword recently. I > posted my configuration on the list. I am using peap because of we > don't want to install a third party supplicant. > > > Schilling > > On Fri, Feb 11, 2011 at 3:44 PM, Gary Gatten <[email protected]> wrote: >> PS: We also use ntlm_auth for 802.1x. All the docs I read and the comments >> within the various FR files say EAP and LDAP won't work - for >> Authentication. Authorization should be fine. >> >> G >> >> >> -----Original Message----- >> From: freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org >> [mailto:freeradius-users-bounces+ggatten=waddell....@lists.freeradius.org] >> On Behalf Of Max Schröder >> Sent: Friday, February 11, 2011 2:31 PM >> To: FreeRadius users mailing list >> Subject: Re: Freeradius + LDAP for WPA-Enterprise >> >> Gary Gatten wrote: >>> You forced ALL Authentication requests to use LDAP. EAP / LDAP don't play >>> well together. Remove the "Auth Type LDAP" - for now. >>> >> If I remove that the radtest failed for a LDAP-User. It returns a >> rejected Message. >>> As for accomplishing your goal, unfortunately others will have to help you >>> with that - I don't know FR/LDAP/EAP well enough. But, I don't THINK you >>> can authenticate EAP requests against LDAP directly because of the "no >>> clear text password" issue. >>> >> How else would you authenticate a WPA(2)-Enterprise with Radius using >> LDAP-Accounts? >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> >> >> >> >> >> <font size="1"> >> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in >> 0in 1.0pt 0in'> >> </div> >> "This email is intended to be reviewed by only the intended recipient >> and may contain information that is privileged and/or confidential. >> If you are not the intended recipient, you are hereby notified that >> any review, use, dissemination, disclosure or copying of this email >> and its attachments, if any, is strictly prohibited. If you have >> received this email in error, please immediately notify the sender by >> return email and delete this email from your system." >> </font> >> >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
