Same config 1.1.2 but not work on 1.1.7 - not set Auth-Type
Alan DeKok
aland at deployingradius.com
Thu Sep 13 07:14:51 CEST 2007
Ivan Lago wrote:
> I had the same problem: the ldap module only sets Auth-Type if it do not
> add a cleartext password to config items (the line saying "rlm_ldap:
> Added password {CRYPT}XXXXXXXX in check items"). Cannot the password be
> stored in LDAP directly?
Yes, it can. But if you're telling the server about a "known good"
password, it means that the *server* can authenticate the user. Setting
"Auth-Type := LDAP" is unnecessary. In many, many, cases, it's also WRONG.
Add the "pap" module to the "authorize" section.
Alan DeKok.
More information about the Freeradius-Users
mailing list