Arjuna Scagnetto wrote:
can someone tell me a good tutorial about making work freeradius with
ldap and peap on a 802.1x architecture ?
Get LDAP working with PAP authentication, but NOT using ldap bind.
Get PEAP working with passwords in the users file.
Try PEAP with a user
Arjuna Scagnetto wrote:
...
PEAP with user whose password is in LDAP
...
userPAssword: {SSHA}tymetcetcetc
This WILL NOT WORK. See:
http://deployingradius.com/documents/protocols/compatibility.html
use clear-text passwords in LDAP. If you can't put clear-text
passwords in LDAP, stop
as a general rool of thumb ,always use clear text in the ldap databases
where you are trying to offer enhnanced password protection like
cram-md5 even chap etc.
You need the original data to calculate the hashes from.
O/H Alan DeKok έγραψε:
Arjuna Scagnetto wrote:
...
PEAP with user
O/H Alan DeKok ??:
Arjuna Scagnetto wrote:
...
PEAP with user whose password is in LDAP
...
userPAssword: {SSHA}tymetcetcetc
This WILL NOT WORK. See:
http://deployingradius.com/documents/protocols/compatibility.html
use clear-text passwords in LDAP. If
Angelos Karageorgiou wrote:
as a general rool of thumb ,always use clear text in the ldap databases
where you are trying to offer enhnanced password protection like
cram-md5 even chap etc.
You need the original data to calculate the hashes from.
O/H Alan DeKok έγραψε:
Arjuna Scagnetto
Arran Cudbard-Bell wrote:
use clear-text passwords in LDAP. If you can't put clear-text
passwords in LDAP, stop trying to use PEAP.
NO ! Calculate the damn NT Hashes... Never put users clear-text
passwords in LDAP if you can avoid it.
Step 1: Get it to work.
Step 2: Get it to work
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
use clear-text passwords in LDAP. If you can't put clear-text
passwords in LDAP, stop trying to use PEAP.
NO ! Calculate the damn NT Hashes... Never put users clear-text
passwords in LDAP if you can avoid it.
Step 1: Get it to work.
Step
can someone tell me a good tutorial about making work freeradius with
ldap and peap on a 802.1x architecture ?
For the moment my freeradius server dies with a Segmentation Fault, i
think it's caused by a misunderstanding between peap and ldap but i'm
not sure.
radius.conf{
ldap {
Arjuna Scagnetto wrote:
can someone tell me a good tutorial about making work freeradius with
ldap and peap on a 802.1x architecture ?
Get LDAP working with PAP authentication, but NOT using ldap bind.
Get PEAP working with passwords in the users file.
Try PEAP with a user whose
9 matches
Mail list logo