still a few issues so I upgraded to 2.1.1 and in debug mode (and I have enabled ldap), I see this...
[ldap] checking if remote access for $SOME_USER is allowed by uid [ldap] looking for check items in directory... rlm_ldap: sambaNtPassword -> NT-Password == 0x... rlm_ldap: sambaLmPassword -> LM-Password == 0x... [ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? [ldap] user $SOME_USER authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Normalizing NT-Password from hex encoding [pap] Normalizing LM-Password from hex encoding [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = EAP should I just disable pap? (I can't think of anything that I need to use it for) OR... considering that the LDAP 'userPassword' is essentially the same password that is contained in sambaNTPassword and sambaLMPassword, do I just somehow enable # password_attribute = "userPassword" as it talks about in rlm_ldap doc file? Craig - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
