Josip, thanks for your response.<br><br><br>
<div class="gmail_quote"><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">Add LDAP into the authenticate section, so that it simply tries to re-bind<br>
with the provided credentials? Like this:<br>
<br>
Auth-Type LDAP {<br>
ldapPerson<br>
}<br></blockquote><div><br>I try this configuration too, but it doesn't work for me. Freeradius doesn't set the value to Auth-Type attribute. I thik that this is because the userPassword attribute is only visible to each particular user when binds.<br>
<br>rad_recv: Access-Request packet from host X.X.X.X port 49621, id=130, length=58<br> User-Name = "<a href="mailto:aigallardo@unex.es">aigallardo@unex.es</a>"<br> User-Password = "XXXX"<br>server test {<br>
# Executing section authorize from file /etc/freeradius/sites-enabled/test<br>+- entering group authorize {...}<br>[suffix] Looking up realm "<a href="http://unex.es">unex.es</a>" for User-Name = "<a href="mailto:aigallardo@unex.es">aigallardo@unex.es</a>"<br>
[suffix] Found realm "<a href="http://unex.es">unex.es</a>"<br>[suffix] Adding Stripped-User-Name = "aigallardo"<br>[suffix] Adding Realm = "<a href="http://unex.es">unex.es</a>"<br>[suffix] Authentication realm is LOCAL.<br>
++[suffix] returns ok<br>[files] users: Matched entry DEFAULT at line 33<br>++[files] returns ok<br>[ldapPerson] performing user authorization for aigallardo<br>[ldapPerson] expand: %{Stripped-User-Name} -> aigallardo<br>
[ldapPerson] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=aigallardo)<br>[ldapPerson] expand: ou=people,dc=unex,dc=es -> ou=people,dc=unex,dc=es<br> [ldapPerson] ldap_get_conn: Checking Id: 0<br>
[ldapPerson] ldap_get_conn: Got Id: 0<br> [ldapPerson] attempting LDAP reconnection<br> [ldapPerson] (re)connect to <a href="http://ldap.unex.es:389">ldap.unex.es:389</a>, authentication 0<br> [ldapPerson] bind as / to <a href="http://ldap.unex.es:389">ldap.unex.es:389</a><br>
[ldapPerson] waiting for bind result ...<br> [ldapPerson] Bind was successful<br> [ldapPerson] performing search in ou=people,dc=unex,dc=es, with filter (uid=aigallardo)<br>[ldapPerson] No default NMAS login sequence<br>
[ldapPerson] looking for check items in directory...<br>[ldapPerson] looking for reply items in directory...<br> [ldapPerson] gecos -> Nombre-Completo = "Ana-Isabel Gallardo Gomez,Dpto. Tecno. Computadores y Comuni.,,"<br>
WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly?<br>[ldapPerson] user aigallardo authorized to use remote access<br> [ldapPerson] ldap_release_conn: Release Id: 0<br>
++[ldapPerson] returns ok<br>++[expiration] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user<br>
Failed to authenticate the user.<br>} # server test<br> <br></div></div><br>Thank you very much and sorry for my english.<br><br><br><br>++ Ana Gallardo Gómez ++<br><br><br>