
Can WLC 9800 authenticate versus LDAP server with hash passwords

Raul Tamayo
Level 1

Hi!

Can WLC 9800 authenticate clients against an LDAP server where the passwords are encrypted (LDAP server returns a hash password, example userPassword = {SHA}ks9d6cm16tfmqr8cimfh3ad) or only against clear-text passwords (which would be insecure)?

4 Replies

What about this article:

https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/216744-configuring-catalyst-9800-wlc-with-ldap.html#toc-hId--187829299

It says:

"Ensure server returns userPassword in cleartext, else authentication fails."

It seems this guide is for unencrypted traffic using port 389. Encrypted traffic would be 636.


I don't think only the password is encrypted, but the whole packet exchange between the WLC 9800 and LDAP will be encapsulated inside a TLS secure packet.

So sure, using TLS is more secure.

MHM
