Re: 1.1.7, ldap and auth-type

Thanks, i removed the password_attribute and it worked.

Anyway i did it because my LDAP directory do not have a password attribute for computer entries, so i wanted to check the mac-address for both user-name and password. Than i didn't go on with this for various reasons (i should have rewritten User-Password too, but this could interfere if a user try to authenticate with a password that casually match the regexp for a mac-address...), and i resorted to authenticate with always_ok if the auth_type is macbypass (i do not expect to have crafted requests in my network anyway...), but that remained in the config file since it never gave problems before 1.1.7

Anyway if you have a better suggestion i am always ready to learn

On Aug 27, 2007, at 3:28 PM, Phil Mayers wrote:

2. Since it's wrong anyway (00:11:22:33:44:55 != 001122334455), either

remove the plaintext password from the LDAP directory or remove the

"password_attribute" config item from the module instance.

Why *are* you copying a "wrong" password from LDAP to the config items?

How is the LDAP server authenticating them?

Follow-Ups:

Re: 1.1.7, ldap and auth-type
- From: Phil Mayers <p.mayers@imperial.ac.uk>

References:

1.1.7, ldap and auth-type
- From: Ivan Lago <ivan.lago@ifom-ieo-campus.it>
Re: 1.1.7, ldap and auth-type
- From: Phil Mayers <p.mayers@imperial.ac.uk>
Re: 1.1.7, ldap and auth-type
- From: Ivan Lago <ivan.lago@ifom-ieo-campus.it>
Re: 1.1.7, ldap and auth-type
- From: Phil Mayers <p.mayers@imperial.ac.uk>

This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.