Michael Cunningham <[EMAIL PROTECTED]> wrote: > Username and password for each user are stored in > cleartext in an ldap server. The free radius server > should support obtaining this information from ldap > via a TLS connection and authenticating the user > using Password, PAP, Chap, MS-Chap, MS-Chap2, and > EAP-MD5.
Make that PAP *or* CHAP *or* MS-CHAP ... > Users file > ----------------- > DEFAULT Auth-Type := LDAP > Fall-Through = Yes > DEFAULT Auth-Type := MSCHAP > Fall-Through = Yes > DEFAULT Auth-Type := CHAP > Fall-Through = Yes Uh.. this says "Use LDAP.. No, use MSCHAP! No, use CHAP!" See 'man users' We're currently working on the modules so that they will do all this for you automagically. i.e. the MSCHAP module SHOULD notice the MSCHAP attributes, and add an 'Auth-Type := MSCHAP'. Some of this is done already. For now, just delete all of the Auth-Type attributes you've set in the 'users' file. They don't do what you say you want to do, so they're not helping. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
