Security

 View Only

  • 1.  Clearpass database verification against LDAP (SSHA hashing)

    Posted Dec 07, 2012 08:15 AM

    Hello

     

    A customer of ours wants to use PEAP-MSCHAPv2 but has an LDAP database with SSHA hashing. I guess the Aruba controller wont be able to "convert" that SSHA hashing into something Windows would understand (NT hash or clear text). Do you guys know if Clearpass can perform that step?

     

    Thanks a lot

     

    Regards

     



  • 2.  RE: Clearpass database verification against LDAP (SSHA hashing)
    Best Answer

    Posted Dec 07, 2012 04:36 PM

    Nope.  To do MsChapV2, the LDAP database must store passwords in either cleartext or nt-Hash.   http://deployingradius.com/documents/protocols/compatibility.html

     

    It does not have anything to do with clearpass, really.

     



  • 3.  RE: Clearpass database verification against LDAP (SSHA hashing)

    Posted Dec 08, 2012 04:40 AM

    Hum, I was afraid you'd say so :(

     

    I guess they're stuck with EAP-GTC then...

     

    Thanks a lot



Related Content