LDAP backend and Password Encryption
Phillip Heller
pheller at me.com
Mon Aug 18 18:24:18 CEST 2008
On Aug 18, 2008, at 12:03 PM, Alan DeKok wrote:
> Phillip Heller wrote:
>> rlm_ldap: Added User-Password =
>> {SSHA}aZj99e5gRcpUEv26zXq7VvTa2apMdKBY44sVyg== in check items
>
> That should work....
>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>> !!! Replacing User-Password in config items with
>> Cleartext-Password. !!!
>
> You've *deleted* the "pap" entry from the "authorize" section. It
> should be the last entry in that section.
Ok, I added that in, but now:
rad_check_password: Found Auth-Type
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-
Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known
good" !!!
!!! clear text password is in Cleartext-Password, and not in User-
Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
auth: type "PAP"
+- entering group PAP
rlm_pap: login attempt with password "fnord"
rlm_pap: Using clear text password
"{SSHA}uNexfodOuLt4WaJuzKvMOaDDm8s7kapAdFEVYw=="
rlm_pap: Passwords don't match
++[pap] returns reject
auth: Failed to validate the user.
--phil
More information about the Freeradius-Users
mailing list