Fwd: (RADIATOR) AD/LDAP and PEAP question

Mike McCauley mikem at open.com.au
Fri Jun 13 08:37:38 CDT 2003 

Hello Tom,


On Fri, 13 Jun 2003 11:22 pm, Tom Rixom wrote:
> Hello,
>
> Isn't it possible to use AuthBy NT authentication
> scheme instead of the AuthBy LDAP scheme.

Unfortunately that wont work with PEAP-MSCHAPV2 either.

Cheers.

>
> Regards,
>
> Tom.
>
> > -----Original Message-----
> > From: Mike McCauley [mailto:mikem at open.com.au]
> > Sent: Friday, June 13, 2003 12:09 PM
> > To: Hugh Irvine; Joao Martins
> > Cc: radiator at open.com.au
> > Subject: Re: Fwd: (RADIATOR) AD/LDAP and PEAP question
> >
> >
> > Hello Joao,
> >
> > At present, the only way you could implement PEAP-MSCHAPV2 is
> > to use an AuthBy
> > with a plaintext password. If you are using AuthBy LDAP2,
> > then the LDAP
> > database must contain a plaintext password. I dont think the
> > standard AD
> > schema falls into this category.
> >
> > Cheers.
> >
> > On Fri, 13 Jun 2003 06:21 pm, Hugh Irvine wrote:
> > > Begin forwarded message:
> > > > From: "Joao Martins" <jmartins at cic.ua.pt>
> > > > Date: Fri Jun 13, 2003  02:29:26 Australia/Melbourne
> > > > To: <radiator at open.com.au>
> > > > Subject: (RADIATOR) AD/LDAP and PEAP question
> > > >
> > > >
> > > > 	Hi!
> > > >
> > > > 	I believe that is not possible use LDAP and PEAP authentication
> > > > together, if LDAP passwords are encrypted (NT hash, as
> >
> > Mike McCauley
> >
> > > > explained to me). So, I'm asking if this is possible with
> >
> > Radiator:
> > > > 	* I have an Active Directory / LDAP based on Microsoft
> >
> > Windows 2000
> >
> > > > Server.
> > > > 	* I have Radiator running on Linux RedHat box.
> > > > 	* I want to authenticate my wireless users with PEAP, using user
> > > > access information on  Windows 2000 AD/LDAP.
> > > >
> > > > 	Has anyone implemented a scenario like this?
> > > > 	Any suggestions???
> > > >
> > > > 	Thanks.
> > > >
> > > >  Cheers,
> > > >
> > > > João Martins
> >
> > ==============================================================
> > =========
> >
> > > > Centro de Informática e Comunicações       Email:
> >
> > jmartins at cic.ua.pt
> >
> > > >       Universidade de Aveiro               Phone: +351 234 370099
> > > >          3810-193 Aveiro                   Ext:   22299
> > > >             Portugal                       Web:
>
> http://www.cic.ua.pt/
>
> > > ===
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on radiator-announce at open.com.au
> > > To unsubscribe, email 'majordomo at open.com.au' with
> > > 'unsubscribe radiator' in the body of the message.
> >
> > NB: have you included a copy of your configuration file (no secrets),
> > together with a trace 4 debug showing what is happening?

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list