smbencrypt is distributed with the server. Use it to check the
password hash.
Ivan Kalik
Kalik Informatika ISP
The authentication is half finished. The hint with the smbencrypt showed
that the stored nt passwords in our ldap directory was wrong. The hint with
ldap.attrmap pointed to a wrong
Hello Alan,
thank you for your reply.
The mapping of the NT-Password describe exactly our problem. We cannot find
the right passage in the radius config to do this. Maybe you can give as a
little hint, this would be very kindly.
Best Regards, Michael
native wired xp 802.1X client with PEAP
You can also change the way passwords are stored in ldap. userPassword
should have cleartext password. If you are going to store encrypted
passwords you should use password header ({nt} in this case). If you
store your passwords that way you just need to enable auto headers in
pap module. pap
Michael Poser wrote:
native wired xp 802.1X client with PEAP (mschapv2) tries to authenticate via
freeradius against openldap with an md4 encoded utf-16e password hash. The
authentication fails. If we use the hash instead of the clear-text password
with the xp client, the authentication works
Hello,
native wired xp 802.1X client with PEAP (mschapv2) tries to authenticate via
freeradius against openldap with an md4 encoded utf-16e password hash. The
authentication fails. If we use the hash instead of the clear-text password
with the xp client, the authentication works fine. There must
Michael Poser a écrit :
Hello,
native wired xp 802.1X client with PEAP (mschapv2) tries to authenticate via
freeradius against openldap with an md4 encoded utf-16e password hash.
This is just not possible.
PEAP (mschapv2) requires you can read the user password either as a
cleartext password
Hello Thiabault,
native wired xp 802.1X client with PEAP (mschapv2) tries to authenticate
via freeradius against openldap with an md4 encoded utf-16e password
hash.
This is just not possible.
PEAP (mschapv2) requires you can read the user password either as a
cleartext password or as a
it was a bit ambiguous. The term md4 encoded utf-16e password hash should
express, that it is an NTLM Hash. Sorry for the confusion.
smbencrypt is distributed with the server. Use it to check the password
hash.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
8 matches
Mail list logo