I've taken out the LDAP section in users - so it's exactly the same as the default users file.
ldap is now listed after mschap in authorize {}. Trying again, I get the following:
rlm_ldap: user joey authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
Login incorrect: [joey/<no User-Password attribute>] (from client vpn-external port 0 cli 165.236.229.162)
Sending Access-Reject of id 113 to x.x.x.x:32792
MS-CHAP-Error = "pE=691 R=1"
Any other sugggestions? Thanks!
On 2/6/06, Alan DeKok <[EMAIL PROTECTED]> wrote:
Joey McDonald <[EMAIL PROTECTED]> wrote:
> I'm now storing my password(s) in the ldap directory in plain text. Using
> radtest from another machine on the network authenticates from the LDAP
> server just fine.
Don't set Auth-Type.
> In users I added:
>
> DEFAULT Auth-Type := LDAP
> Fall-Through = 1
Delete that. You don't need it.
List "ldap" in "authorize", AFTER "mschap".
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
