(RADIATOR) OpenLDAP directory + samba supporting EAP-TTLS and PEAP-MSCHAP-V2

Rogier Krieger rkrieger at gmail.com
Mon Apr 2 00:52:19 CDT 2007


Hello Hugh,

Thanks for the pointers; I missed those items while reading the manual.

On 3/30/07, Hugh Irvine <hugh at open.com.au> wrote:
> Alternatively you can try the TranslatePasswordHook.

This appears to properly do its job. I use the following simple sub:

TranslatePasswordHook sub { return "{nthash}$_[0]"; }


It only appears to work for TTLS-PAP, though. PEAP-MSCHAP-V2 still
provides errors (the "EAP MSCHAP-V2 Authentication failure" also
present in the earlier trace).

I suspect this is due to a {nthash}$password$ being incompatible with
MSCHAP-V2. Can you confirm this? I had hoped to circumvent AuthBy NTLM
(as it requires winbindd; which at the moment is not available on my
platform) and simply use attributes available in my OpenLDAP store.

Cheers,

Rogier Krieger

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list