Hello there, I just researched a little bit in the freeradius-users list and found out that there have to be clear passwords in the LDAP Direcotry to get FreeRADIUS to work with LDAP. However I think it's not very secure to store the passwords in clear in the Directory, even if there are ACLs in Place.
Is it really not possible to do PEAP (w. MSCHAPv2) when I have NT-Hashes in the Directory? My target is to use LDAP as authentication source for my UNIX Workstations (trough pam_ldap), my Windows Workstations (trough Samba accessing LDAP, therefor I have the NT-Hashes in the Dir) and RADIUS for dialup and wireless users. Has someone done this before? Does someone know a good Howto to achieve this? Sincerely, Sebastian Mauer - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html