Maurice James <midnightst...@msn.com> wrote: > How do I do it?
You need a password in the clear in your LDAP directory, not hashed. I use a different (self defined) attribute in my LDAP directory to do this and use ldap.attrmap to map this attribute (called gifb-NetzPassword in my schema) to the required RADIUS-Attribute-Name: checkItem Cleartext-Password gifb-NetzPassword And no, there is _no_ way to use _any_ CHAP method using an encrypted or hashed password. > Radius to ldap works no problem Yes, because this most definitely uses PAP as authentication method, which works with hashed/encrypted passwords. > Wireless to radius to ldap does not This is because the windows wireless supplicant can only use MSCHAPv2 (or ans SSL cert) to authenticate. This is a FAQ item, I suggest you to read the documentation on the website again. http://wiki.freeradius.org/index.php/FAQ#PAP_authentication_works_but_CHAP_fails Grüße, Sven. -- Sig lost. Core dumped. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
