Re: Re[2]: MS-CHAP and LDAP
[EMAIL PROTECTED] wrote: > Do you know whether there is a possibility to retrieve the W2k-passwords > via ldap at all? I don't see why not. They're just more pieces of data to sling around. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: MS-CHAP and LDAP
Dear 3APA3A, >> Is there any way to retrieve LDAP-stored passwords (i.e. in a >> W2k-domain controller) and use them inMS-CHAP >> authentication/authorization? KK> In general, yes. There is support for LM-Password and NT-Password in the KK> ldap.attrmap file, so you should probably be ok. Just make sure they map to the KK> correct ldap attributes and read doc/rlm_mschap. 3APA3A> These attributes are for SAMBA LDAP. Win2K AD doesn't store hashes in 3APA3A> LDAP, at least as lmPassword/ntPassword. I guess thats the reason why my attempts to use LDAP and MS-CHAP in combination have failed. (Believe me, I read the doc-files more than once). Do you know whether there is a possibility to retrieve the W2k-passwords via ldap at all? Or is that another case of MS-special solution? Regards, Martin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: MS-CHAP and LDAP
Dear Kostas Kalevras, --Tuesday, September 10, 2002, 6:45:09 PM, you wrote to [EMAIL PROTECTED]: >> Is there any way to retrieve LDAP-stored passwords (i.e. in a >> W2k-domain controller) and use them inMS-CHAP >> authentication/authorization? KK> In general, yes. There is support for LM-Password and NT-Password in the KK> ldap.attrmap file, so you should probably be ok. Just make sure they map to the KK> correct ldap attributes and read doc/rlm_mschap. These attributes are for SAMBA LDAP. Win2K AD doesn't store hashes in LDAP, at least as lmPassword/ntPassword. -- ~/ZARAZA Ìàøèíà îêàçàëàñü ñïîñîáíîé ê åäèíñòâåííîìó äåéñòâèþ, à èìåííî óìíîæåíèþ 2x2, äà è òî ïðè ýòîì îøèáàÿñü. (Ëåì) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html