[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Radius authentication and storing passwords in cleartext

Using slapd.conf... password-hash {CLEARTEXT}
Using cn=config... olcPasswordHash {CLEARTEXT}
See the slapd.conf manual for details.
On Thu, Jul 23, 2009 at 1:13 PM, Eric Bourkland <eric.bourkland@trustedconcepts.com> wrote:
I have zimbra openLDAP v2.3.43 running on RHEL4.7 ES and I am trying to connect our freeRadius server to authenitcate against LDAP.  I have also being trying to stand up plane openLDAP v2.4.17 to see if I can get that to work.
Free Radius requires PEAP/CHAPv2 to authenticate, which means it needs to be handed a clear text password in order to work.  Yes, I know in general this is not a good idea.
How can I configure openLDAP to store passwords (userpassword attribute) in cleartext.
Or at the very least create a script that will be able to take the encrypted password and store it in cleartext as another attribute.