Security

Reply
Moderator

Clearpass database verification against LDAP (SSHA hashing)

Hello

 

A customer of ours wants to use PEAP-MSCHAPv2 but has an LDAP database with SSHA hashing. I guess the Aruba controller wont be able to "convert" that SSHA hashing into something Windows would understand (NT hash or clear text). Do you guys know if Clearpass can perform that step?

 

Thanks a lot

 

Regards

 

Samuel Pérez
ACMP, ACCP, ACDX#100

---

If I answerd your question, please click on "Accept as Solution".
If you find this post useful, give me kudos for it ;)
Guru Elite

Re: Clearpass database verification against LDAP (SSHA hashing)

Nope.  To do MsChapV2, the LDAP database must store passwords in either cleartext or nt-Hash.   http://deployingradius.com/documents/protocols/compatibility.html

 

It does not have anything to do with clearpass, really.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Moderator

Re: Clearpass database verification against LDAP (SSHA hashing)

Hum, I was afraid you'd say so :(

 

I guess they're stuck with EAP-GTC then...

 

Thanks a lot

Samuel Pérez
ACMP, ACCP, ACDX#100

---

If I answerd your question, please click on "Accept as Solution".
If you find this post useful, give me kudos for it ;)
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: