Dear all,
I was trying to figure out how to provide access to my StrongSWAN installation
to users through LDAP authentication.
I have a Lotus Domino server that provides LDAP services and I managed to
configure FreeRadius to talk with Domino.
The command line utility 'radtest' works fine as it plaintext, but as soon as I
try to link StrongSwan using EAP-RADIUS
from Windows 7 clients, no way.
If my understanding is correct MSCHAPv2 sends hashed passwords that are
incompatible with LDAP so the daemons and
servers talk each other but users' passwords don't match.
My question is: is there any other way to allow Windows 7 users to connect to
StrongSWAN while authenticating them in LDAP,
maybe switching to PEAP or something else?
My constraint is that I cannot change the existing password and it would be
difficult to implement a second password in LDAP
(as someone mentioned in this mailing list as well).
Would it be different if, instead of the Domino LDAP server, I would use a
Novell eDirectory, acting as domain controller?
Thank you very much for any help you could give me on the subject.
Best regards,
Claudio Morgia
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
