Re: Same config 1.1.2 but not work on 1.1.7 - not set Auth-Type
Ivan Lago wrote:
> I had the same problem: the ldap module only sets Auth-Type if it do not
> add a cleartext password to config items (the line saying "rlm_ldap:
> Added password {CRYPT}XXXXXXXX in check items"). Cannot the password be
> stored in LDAP directly?
Yes, it can. But if you're telling the server about a "known good"
password, it means that the *server* can authenticate the user. Setting
"Auth-Type := LDAP" is unnecessary. In many, many, cases, it's also WRONG.
Add the "pap" module to the "authorize" section.
Alan DeKok.
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.