On Thu, 9 Oct 2003, seth666 666 wrote: > Hi > I want to authenticate users with username/password stored in an Active > Directory server > I can access the Active Directory from my freeRADIUS server via rlm_ldap > module, i can search and find users into Active Directory, but i can't > access the password (even in crypt form). > Here is the error message : > rlm_ldap: Attribute User-Password is required for authentication
That refers to the User-Password attribute in the RADIUS request not in ldap. > > 1/ Which is the attribut that store users password in Active Directory ? I have no idea > 2/ With which algorythm the password is encrypted ? Again no idea > 3/ How to tell to rlm_ldap to check not User-Password attribut but another > attribut? rlm_ldap in auth mode will only do an ldap bind, which password attribute will be used is an ldap server issue. > 4/ How to access this attribute (if possible) ? In AD? Again i personally don't know. > 5/ If not possible, how can i say to rlm_ldap to try to bind with the > user/password pair i want to authenticate and if the bind is successful, to > grant access to the user ? That's what it's doing. > 6/ I don't want to use rlm_smb, and if possible not to use PAM (leaks > memory) with Kerberos > 7/ I don't want to proxy to an IAS server :) > > Thank You a lot > > P.S : i have read others mail about this problem but i can't find a way that > work > > _________________________________________________________________ > Tired of spam? Get advanced junk mail protection with MSN 8. > http://join.msn.com/?page=features/junkmail > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
