LDAP
Alan DeKok
aland at deployingradius.com
Thu Jul 29 09:09:35 CEST 2010
Tom Leach wrote:
>
> Alan, changing from User-Password to Password-With-Header brought back
> the 'No "known good" password' error. I'm going through the rlm_pap.c
> code to try to see what's going on here. I haven't found any docs yet
> on what the various mapping possibilities are and what they do. Do you
> have a pointer to any so I don't keep bugging you and the list?
> I agree with the 'get it work, then tune it' approach. That's where I'm
> at now. It's working, I'm just trying to make all the messages go away :)
PLEASE don't get excited about warning messages. They're just
messages. It's not worth it to spend days trying to make the messages
go away. If the server works, it works.
> Here is a snippet from radiusd -X:
> [ldap-server1] Added Crypt-Password = 4gOgBZqZgtwIw in check items
> [ldap-server1] looking for check items in directory...
> [ldap-server1] userPassword -> Password-With-Header ==
> "{crypt}4gOgBZqZgtwIw"
> [ldap-server1] looking for reply items in directory...
> WARNING: No "known good" password was found in LDAP. Are you sure that
> the user is configured correctly?
That message will go away in 2.1.10, if you're using Password-With-Header.
Alan DeKok.
More information about the Freeradius-Users
mailing list