[prev in list] [next in list] [prev in thread] [next in thread]
List: openldap-software
Subject: Re: MsChap v2 passwords and Openldap
From: Adam Tauno Williams <adam () morrison-ind ! com>
Date: 2005-01-31 13:58:00
Message-ID: 1107179880.5915.6.camel () laptop01 ! whitemice ! org
[Download RAW message or body]
> I have the following situation:
> - one 3030 VPN Concentrator
> - AAA Radius Server (Radiator) that uses the accounts stored in one
> OpenLdap Server (the passwords are stored in crypt format)
> The problem is: the PPTP authentication with mschapv2 doesn't work.
Yep, computing an M$-CHAPv2 hash requires a clear-text password, so
either change the slapd.conf to use {CLEAR} as the userpassword encoding
or do CHAPv2 via WindBind/Samba which keeps an NT hash around which will
work also. I'm entirely certain you cannot do M$-CHAPv2 from a
traditional crypt.
> Anyone can help me?
The only role OpenLDAP plays here is how it crypts the password and to
make sure that mechanism is compatible with generating a CHAP hash.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic