Hi
You need to re-order your authorize section so that MS_CHAP and CHAP appear
after LDAP. The LDAP module will read the client's details into memory for
use by the 'CHAP authenticate modules.
Regards Mike D.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Patrick
Mcshane
Sent: 15 June 2003 08:31
To: [EMAIL PROTECTED]
Subject: LDAP authent/authorize and CHAP
Hello,
Can ANYONE suggest ANY WAY that might allow CHAP requests
to be handled even though we use LDAP to handle authentication
and authorization? Our passwords (userpassword attribute)
are stored in cleartext in the latest OpenLDAP so at least
we are prepared for CHAP. Maybe some sort of hack in the
users file?
We occasionaly see the following error:
Sun Jun 15 13:07:20 2003 : Auth: rlm_ldap: Attribute
"User-Password" is required for authentication.
Cannot use "CHAP-Password".
Our auth sections look like:
authorize {
preprocess
chap
mschap
daily
attr_filter
suffix
ldap {
notfound = return
}
files
}
authenticate {
authtype PAP {
pap
}
authtype CHAP {
chap
}
authtype MS-CHAP {
mschap
}
authtype LDAP {
ldap
}
}
Thanks,
Pat McShane
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
