On Wed, Jan 09, 2002 at 09:01:50PM -0500,
[EMAIL PROTECTED] <[EMAIL PROTECTED]> is thought to have said:
> "Tabor J. Wells" <[EMAIL PROTECTED]> wrote:
> > Ah. Ok. Then I guess I'm confused about something else in my config because
> > authenticating against my LDAP server is failing when I use feed it
> > 'User-Name = "test", CHAP-Password = "blah"' but it works when I use
> > 'Password = "blah"'. The -X output shows:
>
> This was discussed on the list in the past week or so. Use google
> to do a search on 'freeradius ldap chap passwrod', and you should get
> the results.
I read those before I posted, and AFAICT I have my server configured
the way it's supposed to be according to that thread.
The only thing that I can see that may be different is that have multiple
userPassword entries in a given user's LDAP record. One for {crypt} and
one for {clear}.
I noticed the following line in the debug output:
rlm_ldap: Password header not found in password {crypt}[cryptstring] for
user test
Is it possible that rlm_ldap is only taking the first userPassword
result returned and using that rather than the entry that matches the
password_header set in the ldap module?
Tabor
--
--------------------------------------------------------------------
Tabor J. Wells [EMAIL PROTECTED]
Fsck It! Just another victim of the ambient morality
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
