802.1x, EAP and LDAP
Phil Mayers
p.mayers at imperial.ac.uk
Tue Mar 4 11:35:29 CET 2008
> rlm_ldap: ldap_release_conn: Release Id: 0
> modcall[authorize]: module "ldap" returns ok for request 0
> rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this.
> modcall[authorize]: module "pap" returns noop for request 0
The ldap module didn't find a password for the user, thus the PAP module
couldn't authenticate the user.
I don't know enough about eDirectory to help much more; I can say that a
"normal" LDAP server might contain entries of the form:
dn: cn=user,ou=....
cn: user
objectClass: top
objectClass: person
userPassword: {CRYPT}xxxxxxxx
...or similar, and the ldap module is smart enough to figure it out.
As Ivan has pointed out, I suspect this line higher up is the issue:
> rlm_ldap: No default NMAS login sequence
A quick read through the source code indicates the mysterious NMAS is
novell universal auth / password / blah.
More information about the Freeradius-Users
mailing list