[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Cisco LEAP username and password in FreeRadius
From: "Alan DeKok" <aland () ox ! org>
Date: 2003-03-30 15:53:25
[Download RAW message or body]
michael.kopp@gmx.net wrote:
> > LEAP uses MS-CHAP for authentication. As a result, it's impossible
> >to combine System authentication with LEAP.
...
> I`d like to know is this a "limitation" of freeradius or of the leap
> protocol ?
It's a limitation of MS-CHAP, as I tried to point out. See the FAQ
for more comments on CHAP. FreeRADIUS didn't define MS-CHAP, so it is
NOT responsible for this problem.
> I think with Cisco Secure ACS you can utilize backend databases like Active
> Directory or LDAP , so is this only limited in freeradius and why ?
Because LDAP and Active directory are not Unix system password
files. Hint: The names are different!
LEAP *can* do authentication with NT-Password hashes, because
they're part of the MS-CHAP protocol.
Alan DeKok.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic