On Fri, Dec 03, 2010 at 02:43:50PM -0600, James Winter wrote: > On Dec 3, 2010, at 10:52 AM, Phil Mayers wrote: >> You haven't said what your problem is > > Sorry! My server tells me that it ldap did not find a correct matchup, > but then returns true. > > [ldap] performing search in cn=Users,dc=ds,dc=saintjoe,dc=edu, with > filter (samaccountname=jwn6657) > [ldap] looking for check items in directory... > [ldap] looking for reply items in directory... > WARNING: No "known good" password was found in LDAP. Are you sure that > the user is configured correctly? > [ldap] user jwn6657 authorized to use remote access > [ldap] ldap_release_conn: Release Id: 0 > ++[ldap] returns ok > > It also then continues to search through other forms of authentication, > and then it seems to return false to the remote device if any of these > are false.
The above log doesn't look like authentication; rather it's authorization. If you want your LDAP module instance to authenticate, too, call it from the 'authenticate' section? -- 2. That which causes joy or happiness. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html