You need to check the archives. But I'll answer anyway.
Here's an explanation from one of Novell's forums. It's talking about
Novells' Edirectory, but would apply to any other LDAP server.
You are correct that the FreeRADIUS LDAP module cannot authenticate a
MS-CHAP password against eDirectory.
[EMAIL PROTECTED] schrieb:
> That means if the LDAP Server would be somehow configured
> to send out the
> Attribute UserPassword in cleartext, it would work with
> MSCHAP?
Yes. If Radius gets the cleartext password from somewhere, it
can check if the MSCHAP stuff which the user did send is cor
Thanks for the fast answer!
The person who is responsible for the LDAP Server told me that our LDAP does
not send a Password out, for security reasons, but accepts "bindings" with
password (see log with radtest,down).
That means if the LDAP Server would be somehow configured to send out the
[EMAIL PROTECTED] wrote:
> If i understood it right, the Radius Server should do a bind to LDAP Server
> with DN and Password provided.
What password? There's no password in MSCHAPv2, and LDAP doesn't do
MSCHAPv2.
> The success answer from LDAP tells the Radius Server authentication
> success
Hi everybody!
I´m doing a Bachelor-thesis about setting up a secure WLAN Access with a
Freeradius Server for my University.
Because i have to give away my thesis at 1. of March this is urgent.
Now description of my problem:
Clients sends Username/Password through PEAP/MSCHAPv2 to Radiusser
5 matches
Mail list logo