Hi all.
I'm trying to autenticate users using ClearPass and OpenLDAP. The autentication mode is EAP TTLS + PAP.
It works fine when the user password hash is cleartext, but if we change to SHA1 or other methods we got the follow authentication error:
(RADIUS PAP: Configured SHA1 password has incorrect length)
This link says the EAP TTLS + PAP supports all methods.http://deployingradius.com/documents/protocols/compatibility.html
Do you have any tip?
Thank you
Hi Victor.
All users' passwords are in SHA1. We have created a new user with cleartext password for testing.
The user with password cleartext authentication works, but not for users with password in SHA1 mode or another method.
I'm sorry for delay.
Yes. It is prefixed with {SHA} in the userPassword attribute.
Any other idea ?
Please see the pictures attached.
Thank you Tim
I checked the option 'Bind User - Allow bind using user password ' at clearpass side, and it worked with SHA1.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.