[EMAIL PROTECTED] wrote: > Wat I want to achive - I want to have user authentication LDAP server with > ntpassord/lmpassword for PEAP-MSCHAPv2 and have MD5 userpassword attribute > in LDAP for all the other authentication services we want to provide (vpn > dialin , etc ... )
That should work. > I have read that I have to map radius-userpassord to LDAP password > attribute, so my question is, is there any way to configure freeradius to > check against first against ntpassword and if this fails to check again > against userpassord attribute of LDAP ? You shouldn't have to. If both ntPassword && md5 passwords are defined for the user in LDAP, then the server will add both to the request, and the module doing authentication will use whichever one makes sense for the particular authentication method. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
