On 17/01/12 13:39, vijay t wrote:
[ldap] Added User-Password = {SASL}suresht in check items
This is all wrong.{SASL}user is only meaningful to the LDAP server. You'll just confuse FreeRADIUS with this; it won't work.
You need to understand what you're trying to accomplish: 1. PAP request comes into FreeRADIUS 2. FreeRADIUS performs LDAP search to find LDAP user DN 3. FreeRADIUS makes LDAP BIND with LDAP user DN & PAP password Instead, you have FreeRADIUS doing this: 1. PAP request comes into FreeRADIUS2. FreeRADIUS performs LDAP search to find LDAP user DN and "plaintext password" 3. FreeRADIUS tries to perform authentication locally using the "plaintext" password (actually {SASL}username)
I'm not sure how you can accomplish what you want. You probably need to "hide" userPassword from FreeRADIUS, so that it can't see it.
Basically, you're doing something weird. You're going to have to try and figure this out yourself, to a large extent.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
