Michael Poser wrote: > native wired xp 802.1X client with PEAP (mschapv2) tries to authenticate via > freeradius against openldap with an md4 encoded utf-16e password hash. The > authentication fails. If we use the hash instead of the clear-text password > with the xp client, the authentication works fine. There must be some > problems with the encryption of the password. How do we fix the problem? Any > help is appreciated.
You may have the NT hash of the password in the LDAP database, but you're telling FreeRADIUS it's the clear-text password: ... > rlm_ldap: performing search in ou=XXX,ou=XXX,o=XXX,dc=XXX,dc=de, with filter > (uid=plisch01) > rlm_ldap: Added password 4183... in check items You want to map this to the NT-Password attribute. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html