On Wed, Aug 15, 2012 at 10:45 PM, Phil Mayers <[email protected]> wrote: > On 15/08/12 16:13, Fajar A. Nugraha wrote: > >> >> Something is setting User-Password check item. If you store the > > > Bear in mind that rlm_ldap has some quite complex password processing rules > hard-coded into the source. In particular, I think that code still, > incorrectly, uses PW_USER_PASSWORD as the attribute, then overrides it based > on the presence and value of a {type} header: > > https://github.com/alandekok/freeradius-server/blob/v2.1.x/src/modules/rlm_ldap/rlm_ldap.c#L1545 > > In particular, AFAICT if password_attribute is set, and auto_header is > unset, then the attribute added will be User-Password.
Hmm ... I wonder if simply replacing PW_USER_PASSWORD with PW_CLEARTEXT_PASSWORD there will work :) -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
