On Thu, 9 Oct 2003, seth666 666 wrote:
> Thank You for your answers. > But I can't understand why rlm_ldap ask me for User-Password attribute. What > do I have to do for rlm_ldap doesn't stop the authentication process because > it doen't have a User-Password attribut ? > > in my case, rlm_ldap doesn't only do a LDAP bind with User/password entered > by the supplicant. > It does : > FreeRADIUS > Active Directory > LDAP(Bind:User=admin , password=xxx) > -------------------------------------> > LDAP(Bind Succesfull) > <------------------------------------- > LDAP(Search:cn=usertoauthenticate)+list of radius > attributes > -------------------------------------> > LDAP(Success:msNPAllowDialin=True) > <------------------------------------- > Then rlm_ldap make the erro message : Needs Attribute User-Password to > authenticate > > I think rlm_ldap would like in the last LDAP packet that the Active > Directory return a User-Password attribut. > Why? > Why not only trying to make an LDAP bind with user/password of the user to > authenticate? > Or how to turn rlm_ldap in this mode (if there is more than one mode in > rlm_ldap) > > Thank you again > Can you supply the output from radiusd -X? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
