> Problem still persists. What do you mean by the {crypt} header.
>From RFC2256:
5.36. userPassword
( 2.5.4.35 NAME 'userPassword' EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
Passwords are stored using an Octet String syntax and are not
encrypted.
Since you are intent on violating RFC you need to add a password header
to indicate what type of encryption is used.
>rlm_ldap: waiting for bind result ...
>rlm_ldap: Bind failed with invalid credentials
>++[ldap1] returns reject
>auth: Failed to validate the user.
Without the header userPassword is treated as clear text (not crypted
value) and that does't match.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
