[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: MsChap v2 passwords and Openldap
> I have the following situation:
> - one 3030 VPN Concentrator
> - AAA Radius Server (Radiator) that uses the accounts stored in one
> OpenLdap Server (the passwords are stored in crypt format)
> The problem is: the PPTP authentication with mschapv2 doesn't work.
Yep, computing an M$-CHAPv2 hash requires a clear-text password, so
either change the slapd.conf to use {CLEAR} as the userpassword encoding
or do CHAPv2 via WindBind/Samba which keeps an NT hash around which will
work also. I'm entirely certain you cannot do M$-CHAPv2 from a
traditional crypt.
> Anyone can help me?
The only role OpenLDAP plays here is how it crypts the password and to
make sure that mechanism is compatible with generating a CHAP hash.