Ivan, Alan,
We now have peap and ttls-pap working. It turns out you were both
right. What tricked us for a long period of time is that we had to
comment out unix because our testing server had the ldap users on it
for other testing purposes. The unix module was thwarting the ldap
module f
> We just installed freeradius 2.05 on a Centos 5 system. We got
>PEAP working rather quickly against our ldap server against LM/NT
>passwords. We would also like to allow clients using Securew2
>supplicants configured for TTLS -PAP connections against (crypt and
>SSHA) passwords stored in our
Tim Tyler wrote:
> Freeradius experts,
> We just installed freeradius 2.05 on a Centos 5 system. We got PEAP
> working rather quickly against our ldap server against LM/NT passwords.
> We would also like to allow clients using Securew2 supplicants
> configured for TTLS -PAP connections against
Freeradius experts,
We just installed freeradius 2.05 on a Centos 5 system. We got
PEAP working rather quickly against our ldap server against LM/NT
passwords. We would also like to allow clients using Securew2
supplicants configured for TTLS -PAP connections against (crypt and
SSHA) passw
sambaNTPassword
#checkItem NT-Password userPassword
Thanks.
- Original Message -
From: "Phil Mayers" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list"
Sent: Friday, February 10, 2006 20:06
Subject: Re: Peap and LDAP
Jefri bin Dah
Jefri bin Dahari wrote:
I thought this line in LDAP entry gives NT password.
sambaNTPassword: AA182541927C4597271A8CAE2393FA4E
sambaLMPassword: 53DCAC0777C3A618AAD3B435B51404EE
It does - however, the default "ldap.attrmap" reads:
checkItem LM-Password lmPassword
chec
Friday, February 10, 2006 17:12
Subject: Re: Peap and LDAP
Jefri bin Dahari wrote:
Hi all,
I try to implement wireless users with PEAP but I face problem. It works
if password in LDAP in clear text.
With PEAP, the password *must* either be in clear-text or the NTLM hash.
josh.
- List info/
Jefri bin Dahari wrote:
Hi all,
I try to implement wireless users with PEAP but I face problem. It works
if password in LDAP in clear text.
With PEAP, the password *must* either be in clear-text or the NTLM hash.
josh.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/us
Hi all,
I try to implement wireless users with PEAP but I face problem. It works if
password in LDAP in clear text. Below are excerpt from radiusd -X and LDAP
entry.
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 47
rlm_mschap: Told to do M
François Dagorn wrote:
I'm trying to configure a secured Wireless network, so I want to use
EAP/PEAP/LDAP for
authentication and then try WPA to crypt sessions. As a beginner, I'm
doing that step
by step. So I've done the following :
- set up a freeradius server and test it with a simple ra
=?ISO-8859-1?Q?Fran=E7ois_Dagorn?= <[EMAIL PROTECTED]> wrote:
> the process is unable to valid the password , the error is as
> follows :
>
>"rlm_mschap: Told to do MS-CHAPv2 for xxx with NT-PAssword"
>"FAILED: No NT/LM-Password". In this case before I can see
>"rad
Hello all,
I'm trying to configure a secured Wireless network, so I want to use
EAP/PEAP/LDAP for
authentication and then try WPA to crypt sessions. As a beginner, I'm
doing that step
by step. So I've done the following :
- set up a freeradius server and test it with a simple radius client
:
Hello.
We are trying to use FreeRadius with PEAP and LDAP.
You might consider TTLS with PAP instead of PEAP with MS-CHAP-V2
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
Thanks for your answer Alan.
An option could be to use an MS Active Directory instead Iplanet LDAP?
Carlos Martínez-Troncoso Cera
Coordinador de Servicios Internet/Intranet
Universidad del Norte
Barranquilla, Colombia
Tel: 57 5 3509367
Alan DeKok wrote:
=?ISO-8859-1?Q?Carlos_Mart=EDnez-Tro
Carlos Martínez-Troncoso Cera wrote:
> Hello.
>
> We are trying to use FreeRadius with PEAP and LDAP.
You might consider TTLS with PAP instead of PEAP with MS-CHAP-V2
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-s
=?ISO-8859-1?Q?Carlos_Mart=EDnez-Troncoso_Cera?= <[EMAIL PROTECTED]> wrote:
> I was looking how Sun ONE stores the passwords, it uses SSHA (Salted
> Secure Hashing Algoritm),
> I think this is the problem, because I suposse it looks for NT-LM
> Hashing passwords, what can I do and where can I fin
Hello.
We are trying to use FreeRadius with PEAP and LDAP.
Our access point is a 3Com 8750, is talking with a FreeRadius 1.0.4,
Freeradius talks with LDAP
(Sun One Messaging Server 5.1) and our PEAP clients are Windows XP and 2000.
First we configured FreeRadius with LDAP, it works well, then
That is the answer I was waiting to hear. Thank you very much for your
quick response.
On Mon, 10 Jan 2005 20:53:34 -0500, Alan DeKok <[EMAIL PROTECTED]> wrote:
> AJ Grinnell <[EMAIL PROTECTED]> wrote:
> > I am getting mixed messages hear. Is it possible to authenticate
> > against an LDAP server
AJ Grinnell <[EMAIL PROTECTED]> wrote:
> I am getting mixed messages hear. Is it possible to authenticate
> against an LDAP server using 801.1x PEAP?
The mixed messages are because of a confusion as to how
authentication works. See my previous messages on the list, where I
discuss this in detai
I am getting mixed messages hear. Is it possible to authenticate
against an LDAP server using 801.1x PEAP?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Paul Whittenburg <[EMAIL PROTECTED]> wrote:
> I have helped a customer implement FreeRADIUS with their LDAP server
> as the backend authentication w/ {crypt} passwords, and have gotten
> PEAP to work with the user defined locally (in the users file) with
> clear text passwords. Their ultimate goal
Hi,
I have helped a customer implement FreeRADIUS with their LDAP server
as the backend authentication w/ {crypt} passwords, and have gotten
PEAP to work with the user defined locally (in the users file) with
clear text passwords. Their ultimate goal is to use the current LDAP
server as the backen
22 matches
Mail list logo
