(RADIATOR) OpenLDAP directory + samba supporting EAP-TTLS and PEAP-MSCHAP-V2

Mike McCauley mikem at open.com.au
Mon Apr 2 01:22:25 CDT 2007


Hello Rogier,

Thanks for reporting this.
There was a problem that prevented the TranslatePasswordHook  being called for 
a number of EAP types, including EAP-MSCHAPV2. It has now been fixed in the 
latest Radiator patch set.

Hope that helps.
Please let me know how you get on.
Cheers.

On Monday 02 April 2007 15:52, Rogier Krieger wrote:
> Hello Hugh,
>
> Thanks for the pointers; I missed those items while reading the manual.
>
> On 3/30/07, Hugh Irvine <hugh at open.com.au> wrote:
> > Alternatively you can try the TranslatePasswordHook.
>
> This appears to properly do its job. I use the following simple sub:
>
> TranslatePasswordHook sub { return "{nthash}$_[0]"; }
>
>
> It only appears to work for TTLS-PAP, though. PEAP-MSCHAP-V2 still
> provides errors (the "EAP MSCHAP-V2 Authentication failure" also
> present in the earlier trace).
>
> I suspect this is due to a {nthash}$password$ being incompatible with
> MSCHAP-V2. Can you confirm this? I had hoped to circumvent AuthBy NTLM
> (as it requires winbindd; which at the moment is not available on my
> platform) and simply use attributes available in my OpenLDAP store.
>
> Cheers,
>
> Rogier Krieger
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list