schilling wrote:
Here is my radiusd -X output of a assumed successful login with peap.
Would you please see whether this is working? Yes, the default with
one ldap line commented out in site-enabled/inner-tunnel works. But it
will not work once I have a virtual server in the radiusd.conf.
I
schilling wrote:
Now whenever I try to have a virtual server for another instance, then
it will have the same error as before.
Then that virtual server is configured incorrectly.
Then I copied the site-enabled/default content and put them within the
virtual server, it's working again.
I asked the ldap admin to change the format of the ntPassword to
prepend with 0x, now radius -X get the right hash, but it still have
no known good password was found in LDAP. Nevertheless, the
authorization is ok. What is the right format to put in our ldap
ntPassword attribute? Should I ignore
I am able to have peap/mschpv2 work with ldap nt hash.
radtest -t mschap will not work for peap/mschapv2, the real windows
supplicant, wireless access point will work.
The format in ldap is not relevant, w/ or w/o the preceding 0x will work.
The configuration I changed from default are the
Hi All,
We had ntPassword hash in our ldap server, now the authentication from
peap from windows computer and radtest -t mschap fail. Attached please
find the full debug information. My username is sding for the testing.
Thanks,
[r...@auth2 opt]# ./sbin/radiusd -X
FreeRADIUS Version 2.1.10,
I put the debug into the form
http://networkradius.com/freeradius.html
and got the following for the first packet.
My LDAP entry
dn: uid=sding,ou=People,dc=fsu,dc=edu
ntPassword: 771CFDFE02A8C15E15B3E0E4974602FA
smbencrypt of my password, they are the same as in ldap query.
LM Hash
schilling wrote:
Found Auth-Type = EAP
WARNING: Unknown value specified for Auth-Type. Cannot perform
requested action.
You have edited the default configuration and broken it. Don't do that.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi All,
We are trying to use ldap as backend database for dot1x peap
authentication thru freeradius. The following link has good
explanation.
http://vuksan.com/linux/dot1x/802-1x-LDAP.html
But do we really need both ntpassword and lmpassword in the ldap directory?
How the process work
schilling wrote:
We are trying to use ldap as backend database for dot1x peap
authentication thru freeradius. The following link has good
explanation.
http://vuksan.com/linux/dot1x/802-1x-LDAP.html
Note it's 5 years old...
But do we really need both ntpassword and lmpassword in the
There is smbencrypt radius-utils to generate LM Hash and NT Hash, Any
known good perl script to do this?
sd...@palm:/usr/bin$ smbencrypt schilling
LM Hash NT Hash
2010/10/6 schilling schilling2...@gmail.com
There is smbencrypt radius-utils to generate LM Hash and NT Hash, Any
known good perl script to do this?
You can use Crypt::SmbHash (from CPAN).
sd...@palm:/usr/bin$ smbencrypt schilling
LM Hash NT Hash
11 matches
Mail list logo