AP->FR->LDAP authentication

Julie Chen chenj at ssc.ucla.edu
Sat Mar 17 05:54:02 CET 2012


Yes, I understand that. But I'm having little problem figure out right configuration.  Would someone please advice on the configuration file?

[pap] WARNING: Auth-Type already set.  Not setting to PAP
++[pap] returns noop
Found Auth-Type = MSCHAP
# Executing group from file /etc/raddb/sites-enabled/inner-tunnel

I'm using the default inner-tunnel just added ldap at the authorize.

Thanks
Julie
________________________________________
From: freeradius-users-bounces+chenj=ssc.ucla.edu at lists.freeradius.org [freeradius-users-bounces+chenj=ssc.ucla.edu at lists.freeradius.org] on behalf of Alan DeKok [aland at deployingradius.com]
Sent: Friday, March 16, 2012 8:02 PM
To: FreeRadius users mailing list
Subject: Re: AP->FR->LDAP authentication

Julie wrote:
> The problem is when I try to authenticate through AP. The debug log shows
> Failed to authenticate the user. here is the log file.
...
> [mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
...
>   [ldap] userPassword -> Password-With-Header ==
> "{crypt}$1$svVH/H.V$S02th.oBG7iQV0UtFBcVx1"

  You CANNOT do MS-CHAP with crypt'd passwords.  It's impossible.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list