On Mon, 8 Jul 2002, Daniel Chabrol wrote: > Hello FreeRadius-Users, > > I'm using LDAP to store radius-accounts. Because CHAP is needed the > LDAP-schema is extended by an plain-password attribute (password_attribute = > vfnmRadiusPassword). The problem is that the password is queried by > freeRadius and *additionaly* a bind to LDAP with the user-id an password is > done. Because I don't want to maintain the same password in userPasswort and > vfnmRadiusPassword my question is, if there is a possibility to check > passwords only with my plain-password-attribute and get rid of this > "bind-check"? > > Best regards, > Daniel Chabrol
Yes. If you are using only CHAP and not PAP then you can just remove the ldap module from the authenticate section and only keep the chap module. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
