hi list i was trying to deploy freeradius + openldap ,and got warning like this
(0) ldap : Processing user attributes(0) WARNING: ldap : No "known good" password added. Ensure the admin user has permission to read the password attribute (0) WARNING: ldap : PAP authentication will *NOT* work with Active Directory (if that is what you were trying to configure)
rlm_ldap (ldap): Released connection (4) (0) [ldap] = ok (0) [expiration] = noop (0) [logintime] = noop(0) WARNING: pap : No "known good" password found for the user. Not setting Auth-Type (0) WARNING: pap : Authentication will fail unless a "known good" password is available
(0) [pap] = noop (0) } # authorize = ok(0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject
the ldap account i added to radius configuration file was not the LDAP Manager account ,
but when i change the account to LDAP Manager user , the warning would not be shown again , and the pass authentication challenge.
how can i authorize a normal ldap account can read userPassword attribute , then i can add the account to those system which need LDAP .
<<attachment: gbcbooksmj.vcf>>
