In short, yes you need a clear text password at the server end. You have two choices: a) store your passwords in your ldap database in clear test b) use a reversible encryption algorithm to store your passwords, and modify the rlm_ldap code to decrypt the user password as it pulls it out of ldap.
Regards, Michael > -----Original Message----- > From: Daniel Eyholzer [mailto:[EMAIL PROTECTED] > Sent: Thursday, 15 July 2004 5:13 PM > To: [EMAIL PROTECTED] > Subject: LDAP and CHAP > > Hi there > > > Im using 1.0.0-pre3 to authenticate users with ldap as > backend. In the LDAP-tree I have md5 passwords. When I > configure the Network Access Server to use PAP it works fine, > but with CHAP it does not work. I have read that CHAP can not > be used with encryptet passwords in the database, is that > true? Is there no chance in using CHAP with md5 passwords in > the LDAP-tree? > > I would be most grateful for any comments! > > > Regards, Daniel > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html