Re: LDAP, PEAP, Active Directory issue

2005-01-14 Thread Stefan . Neis
Hi, I have a question about the problem bellow. If in LDAP (openldap) we provide the ntpassword (with samba), it will work for authenticate Windows XP users with PEAP + mschapv2 ?? Note however, that storingusing ntpasswords instead of cleartext passwords offers no advantage at all -

RE: LDAP, PEAP, Active Directory issue

2005-01-14 Thread Willey Kurt D
@lists.freeradius.org Subject: RE: LDAP, PEAP, Active Directory issue Where is a good place to read the details of how ntlm_auth integrates in with AD ? Ron. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Willey Kurt D Sent: Thursday, January 13, 2005 3:27 PM

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Alan DeKok
AJ Grinnell [EMAIL PROTECTED] wrote: Ok, I have peap working with the users file and with mysql, and I have radius working with ldap also. But I can not get a user to authenticate against ldap using peap. The server does not authenticate against LDAP for any EAP type. See my previous

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread AJ Grinnell
On Thu, 13 Jan 2005 10:06:15 -0500, Alan DeKok [EMAIL PROTECTED] wrote: AJ Grinnell [EMAIL PROTECTED] wrote: Ok, I have peap working with the users file and with mysql, and I have radius working with ldap also. But I can not get a user to authenticate against ldap using peap. The

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Christopher Price
I am having the same problem. When you use an EAP type (like PEAP), a hash of the password is sent to the radius server. The radius server is able to deal with this if it has the password (such as in a mysql DB or local file). The password can be hashed and compared with the hash that was

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Ron Wahler
: Thursday, January 13, 2005 8:58 AM To: freeradius-users@lists.freeradius.org Subject: Re: LDAP, PEAP, Active Directory issue I am having the same problem. When you use an EAP type (like PEAP), a hash of the password is sent to the radius server. The radius server is able to deal

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Ron Wahler
: Thursday, January 13, 2005 8:58 AM To: freeradius-users@lists.freeradius.org Subject: Re: LDAP, PEAP, Active Directory issue I am having the same problem. When you use an EAP type (like PEAP), a hash of the password is sent to the radius server. The radius server is able to deal with this if it has

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread AJ Grinnell
Does anyone have an example of radiusd.conf that will show the following. I know this can be done. Windows XP client -- 802.1x/PEAP -- Freeradius 1.0.1 -- Active Directory I have tried many different configs, yet I am still getting an error with the password. I just need an example, please. -

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Israel Fabio Alves
, PEAP, Active Directory issue I am having the same problem. When you use an EAP type (like PEAP), a hash of the password is sent to the radius server. The radius server is able to deal with this if it has the password (such as in a mysql DB or local file). The password can be hashed and compared

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Willey Kurt D
yes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Israel Fabio Alves Sent: Thursday, January 13, 2005 1:19 PM To: freeradius-users@lists.freeradius.org Subject: Re: LDAP, PEAP, Active Directory issue Hi, I have a question about the problem bellow

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Willey Kurt D
-users@lists.freeradius.org Subject: Re: LDAP, PEAP, Active Directory issue Does anyone have an example of radiusd.conf that will show the following. I know this can be done. Windows XP client -- 802.1x/PEAP -- Freeradius 1.0.1 -- Active Directory I have tried many different configs, yet I am still

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Israel Fabio Alves
Of Israel Fabio Alves Sent: Thursday, January 13, 2005 1:19 PM To: freeradius-users@lists.freeradius.org Subject: Re: LDAP, PEAP, Active Directory issue Hi, I have a question about the problem bellow. If in LDAP (openldap) we provide the ntpassword (with samba), it will work for authenticate Windows XP

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Willey Kurt D
] [mailto:[EMAIL PROTECTED] On Behalf Of Israel Fabio Alves Sent: Thursday, January 13, 2005 2:25 PM To: freeradius-users@lists.freeradius.org Subject: Re: LDAP, PEAP, Active Directory issue Sorry for the question, but do you have a sample radius.conf to publish for as. Because a tried configure

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Alan DeKok
AJ Grinnell [EMAIL PROTECTED] wrote: Im sorry, I have not seen any replies that you may have given me. You not only saw, you responded. Please remember the answers you're given on this list. It helps to avoid repetition.

Re: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Alan DeKok
Israel Fabio Alves [EMAIL PROTECTED] wrote: If in LDAP (openldap) we provide the ntpassword (with samba), it will work for authenticate Windows XP users with PEAP + mschapv2 ?? Yes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Ron Wahler
issue yes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Israel Fabio Alves Sent: Thursday, January 13, 2005 1:19 PM To: freeradius-users@lists.freeradius.org Subject: Re: LDAP, PEAP, Active Directory issue Hi, I have a question about the problem bellow

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Willey Kurt D
AD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ron Wahler Sent: Thursday, January 13, 2005 4:13 PM To: freeradius-users@lists.freeradius.org Subject: RE: LDAP, PEAP, Active Directory issue Are you storing the passwords in OpenLDAP or Active

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Ron Wahler
: RE: LDAP, PEAP, Active Directory issue AD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ron Wahler Sent: Thursday, January 13, 2005 4:13 PM To: freeradius-users@lists.freeradius.org Subject: RE: LDAP, PEAP, Active Directory issue Are you storing

RE: LDAP, PEAP, Active Directory issue

2005-01-13 Thread Willey Kurt D
PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ron Wahler Sent: Thursday, January 13, 2005 4:25 PM To: freeradius-users@lists.freeradius.org Subject: RE: LDAP, PEAP, Active Directory issue So when you use Samba you can get the password in the clear ? how Is the mschap hash generated? Ron