Thanks! I had ldap returning Password-with-Header for GTC deployment and then added NT-Password for ms-chapv2. Commenting out the password-with-header for userpassword in ldap.attrmap seems to allow both to work. Which makes my life much easier :)
Alan Dekok wrote: > Colleen C. Morrissey wrote: >> My question is can I somehow support both simultaneously with the same >> freeradius daemon (I know I can simply run a second daemon on different >> port supporting the other but that will require me to do lots of work on >> infrastructure/ssids to point to different servers)? Does anybody >> happen to have this working and be willing to post config? Or any other >> ideas? > > Yes. If you configure the server to know about the users clear-text > password or NT-hashed password, then PEAP/GTC should "just work". > > Alan DeKok. > -- > http://deployingradius.com - The web site of the book > http://deployingradius.com/blog/ - The blog > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html