On 06/24/2010 12:21 PM, Raymond Norton wrote:
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP. Are you sure that
the user is configured correctly?
You don't have the userPassword mapped in /etc/raddb/ldap.attrmap
But even if you did, ldap has this:
userPassword:: e1NIQX13ak83dXhlS3FYR0NFVlhPTEVzVUo4OW9DWFE9
and the request has this:
User-Password = "password"
They aren't the same are they? The LDAP entry looks like a hash, you'll
have to figure out which kind. Note it does not contain a {hash} prefix
so FreeRADIUS can't figure what kind of hash it is. You'll have to force
that with the right radius attribute for userPassword in ldap.attrmap.
But you better look at this:
http://deployingradius.com/documents/protocols/compatibility.html
and understand the consequences.
--
John Dennis <[email protected]>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
