Funny thing is Wcom give you a choice in their configure sheet of using PAP or CHAP but then tell you both must be supported when you go to schedule the test time. :)
-----Original Message----- From: Alan DeKok [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 20, 2002 4:13 PM To: [EMAIL PROTECTED] Subject: Re: CHAP-Password & LDAP Auth? Shawn O'Shea <[EMAIL PROTECTED]> wrote: > My problem is that the packets from them send the password as > CHAP-Password attribute. If I set this in my test data for radclient, > my freeradius 0.5 server says: Wed Mar 20 15:35:57 2002 : Auth: > rlm_ldap: Attribute "User-Password" is required for authentication. > Cannot use "CHAP-Password". See the FAQ for further explanation. > Wed Mar 20 15:35:57 2002 : Auth: Login incorrect: > [{ed: whatever username -sko}/<CHAP-Password>] (from nas UNKNOWN-NAS > port 0 cli 8475061520) > > If I use just User-Password, this works like a dream. Any suggetions? Don't use CHAP. From what I recall, the LDAP module tries to authenticate to the LDAP server, usin g the username/password supplied in the packet. Therefore, it needs access to the plain-text password, as it's telling you. The alternative is to use a DB which stores the password in clear text. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
