Security

Reply
Frequent Contributor I
Posts: 92
Registered: ‎01-27-2015

LDAP Authentication

I try to authenticate via LDAP server

 

I entered username/password and choose authentication type was PAP. It's successful 

but If i choose authentication type was MS-CHAPS-V2,

There's alert that "Internal Error : Invalid response (-1)".

 

I want to know for LDAP authentication. Can I authenticaion as MS-CHAPS-V2 ? and this authentication method Are secure ?

 

Thanks,

Aruba Employee
Posts: 367
Registered: ‎11-04-2011

Re: LDAP Authentication

LDAP does not support MS-CHAPv2, as that is a challenge-response protocol which needs access to either the plaintext password or the NT-hash of the user password. I don't know of any LDAP server that supports this. You should be able to use EAP-GTC against an LDAP server, which is supported as a standard, but is not supported out-of-the box by Microsoft Windows (works with most other platforms).

 

When running ClearPass, if you have access to the unencrypted password or hash of the password, you can use that. For the Novell LDAP, there is information on how to tweak your eDirectory to expose the password information over LDAP. By default, most LDAP servers do not expose that information for the obvious security reasons.

 

Herman

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC.
Search Airheads
Showing results for 
Search instead for 
Did you mean: