freeradius-1.1.1 + mschap + ldap with encrypted password
p.mayers at imperial.ac.uk
Wed Aug 2 16:40:47 CEST 2006
> The problem now is that I have to authenticate doing peap against an
> ldap which has userpassword encrypted ( and is a point that I can't
> change unless it is impossible to do ).
Unless your password is encrypted as an NT or LM hash, it's impossible.
If your "LDAP server" is an AD server, it's impossible.
> correct me if I'm wrong ). My question is if there is anyway to make it
> work configuring ntlm_auth ?
If you have a domain controller, you can indeed use ntlm_auth - merely
install samba, configure it, join the domain and uncomment the ntlm_auth
line in the "mschap" module, modifying the configuration (CAREFULLY!) if
More information about the Freeradius-Users