Yuck. 802.1x would be for enhanced security, but we’re limited to either cleartext or a crappy hash? I understand this isn’t your issue… Still sucks though.
--------------------------- Jason 'XenoPhage' Frisvold [email protected] --------------------------- "Any sufficiently advanced magic is indistinguishable from technology." - Niven's Inverse of Clarke's Third Law > On May 29, 2018, at 21:16, Durand fabrice via PacketFence-users > <[email protected]> wrote: > > Hello Jason, > Is it for 802.1x ? > > If yes then it should be a clear text password or a nthash. > (http://deployingradius.com/documents/protocols/compatibility.html) > And you will need to configure radius with something like that: > https://github.com/inverse-inc/packetfence/tree/devel/addons/nthash_AD_attribute#freeradius-configuration. > > If it's not for 802.1x then a simple bind is enough and it doesn't really > matter the hash you will use. > Regards > > Fabrice > > > > Le 2018-05-29 à 17:38, Jason 'XenoPhage' Frisvold via PacketFence-users a > écrit : >> Docker to the rescue. Was able to get a simple openLDAP container up and >> running pretty quickly. Using phpLdapAdmin to get the initial stuff set up, >> then I’ll nuke that container with fire. :) >> >> So, with LDAP in place, what sort of hash do I need to use within LDAP in >> order to make everything with with Packetfence? Can I use something like >> SHA512 or, better yet, blowfish? Or do I have to use something else? How >> do I specify what I’m using within Packetfence? >> >> From what I remember, this was tied to RADIUS. I think it had to match >> whatever RADIUS was using, but I can’t remember how to get that information. >> >> Thanks, >> >> --------------------------- >> Jason 'XenoPhage' Frisvold >> >> [email protected] >> >> --------------------------- >> >> "A common mistake that people make when trying to design something >> completely foolproof is to underestimate the ingenuity of complete >> fools." >> - The Hitchhikers Guide to the Galaxy >> >> >>> On May 24, 2018, at 09:50, David Harvey via PacketFence-users >>> <[email protected]> >>> wrote: >>> >>> Not sure how much the standalone 389 directory lets you do from it's admin >>> interface, but a simple FreeIPA install (which includes 389) is also pretty >>> quick and easy to setup, and has a very comprehensive interface. It may >>> contain way more features than you want though! >>> Alternatively, I know QNAP NAS' have some builtin LDAP server bits, as I >>> imagine other NAS' would do, so if you have one on premise may be worth >>> checking out.. >>> >>> On Wed, May 23, 2018 at 11:38 PM, Durand fabrice via PacketFence-users >>> <[email protected]> >>> wrote: >>> I think about this one >>> http://directory.fedoraproject.org/ >>> who is coming with an admin interface. >>> >>> >>> https://www.ehowstuff.com/setup-389-directory-server-on-centos-7/ >>> >>> >>> Le 2018-05-23 à 15:56, Jason 'XenoPhage' Frisvold via PacketFence-users a >>> écrit : >>> >>>> Hi all, >>>> >>>> I’m looking for a quick and simple LDAP install I can use with >>>> packetfence as a temporary authentication source. Before I stand up an >>>> openldap server, or perhaps openldap in a container, is anyone using >>>> something that’s quicker to stand up and get running? I’d love something >>>> with an interface I can use to add users, change passwords, etc. >>>> >>>> Thanks, >>>> >>>> --------------------------- >>>> Jason 'XenoPhage' Frisvold >>>> >>>> >>>> [email protected] >>>> >>>> >>>> --------------------------- >>>> >>>> "Any sufficiently advanced magic is indistinguishable from technology." >>>> - Niven's Inverse of Clarke's Third Law >>>> >>>> >>>> >>>> >>>> ------------------------------------------------------------ >>>> ------------------ >>>> Check out the vibrant tech community on one of the world's most >>>> engaging tech sites, Slashdot.org! >>>> >>>> http://sdm.link/slashdot >>>> >>>> >>>> >>>> ______________________________ >>>> _________________ >>>> PacketFence-users mailing list >>>> >>>> >>>> [email protected] >>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>> >>> ------------------------------------------------------------------------------ >>> Check out the vibrant tech community on one of the world's most >>> engaging tech sites, Slashdot.org! >>> http://sdm.link/slashdot >>> >>> _______________________________________________ >>> PacketFence-users mailing list >>> >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>> >>> >>> >>> ------------------------------------------------------------------------------ >>> Check out the vibrant tech community on one of the world's most >>> engaging tech sites, Slashdot.org! >>> http://sdm.link/slashdot_______________________________________________ >>> >>> PacketFence-users mailing list >>> >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! >> http://sdm.link/slashdot >> >> >> _______________________________________________ >> PacketFence-users mailing list >> >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! > http://sdm.link/slashdot_______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users
signature.asc
Description: Message signed with OpenPGP
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
