Hi,
I had a similar problem and the solution was the mapping, such as Edvin says. I add the following entries to ldap.atrrmap:
checkItem LM-Password lmPassword checkItem NT-Password ntPassword checkItem User-Password lmPassword
Now it's working but using clear-text passwords, so I have a question, can I have encrypted passwords in the LDAP database if I am using PEAP with mschapv2?
Regards, Raul Tamayo
Seferovic Edvin wrote:
Hi,
probably you are using MS CHAP? Right? Well MS CHAP protocol asks for User-Password attribute which cannot be found in your LDAP directory. You probably have attribute called userPassword. This attribute may be encrypted or in clear text. But what you actually need is sambaNTPassword attribute that uses the MS encryption. So you have to "map" the attribute User-Password to attribute sambaNTPassword. This can be done by editing the ldap_attr.map in your freeradius directory. Take a look at that file and you'll understand it.
Regards,
Edvin Seferovic
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of guest01 Sent: Dienstag, 08. März 2005 13:07 To: [email protected] Subject: Re: rlm_ldap - Attribute "User-Password" is required for authentication
hm, ok, and that means? Do you any suggestions how to make it work?
- List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
