Hi everyone, I have a problem with my configuration, authorize is ok but authentication fail.I use freeradius 1.1.6 e openldap 2.2.13 and use windows xp for client with securew2. My access-point is Cisco aironet 1100. My radiusd.conf: .......... ldap { server = "localhost" identity = "cn=root,dc=teste,dc=pt" password = secret basedn = "dc=teste,dc=pt" filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" base_filter = "(objectclass=radiusprofile)" start_tls = no access_attr = "uid" dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 password_attribute = userPassword timeout = 4 timelimit = 3 net_timeout = 1 set_auth_type = no } .............. authorize { preprocess ldap pap } authenticate{ Auth-Type PAP { pap } Auth-Type LDAP { ldap } eap } My eap.conf: eap{ default_eap_type = ttls timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = yes md5 { } leap { } gtc { auth_type = PAP } tls { private_key_password = whatever private_key_file = ${raddbdir}/certs/cert-srv.pem # If Private key & Certificate are located in # the same file, then private_key_file & # certificate_file must contain the same file # name. certificate_file = ${raddbdir}/certs/cert-srv.pem # Trusted Root CA list CA_file = ${raddbdir}/certs/demoCA/cacert.pem dh_file = ${raddbdir}/certs/dh random_file = ${raddbdir}/certs/random } ttls { default_eap_type = gtc use_tunneled_reply = yes } } The log: ............ rlm_ldap: - authorize rlm_ldap: performing user authorization for user_test radius_xlat: '(uid=user_test)' radius_xlat: 'dc=teste,dc=pt' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=teste,dc=pt, with filter (uid=user_test) Waking up in 1 seconds... Threads: total/active/spare threads = 5/1/4 rlm_ldap: checking if remote access for user_test is allowed by uid rlm_ldap: Added password {CRYPT}HkDWb49nxN4Zo in check items rlm_ldap: looking for check items in directory... rlm_ldap: Adding userPassword as User-Password, value {CRYPT}HkDWb49nxN4Zo & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: user gilberto authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 2 rlm_pap: No clear-text password in the request. Not performing PAP. modcall[authorize]: module "pap" returns noop for request 2 modcall: leaving group authorize (returns ok) for request 2 auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Login incorrect: [user_test/<no User-Password attribute>] (from client 192.168.1.69 port 371 cli 0040.96a2.24f3) Delaying request 2 for 1 seconds Finished request 2 Going to the next request Thread 3 waiting to be assigned a request --- Walking the entire request list --- Waking up in 1 seconds... Threads: total/active/spare threads = 5/0/5 --- Walking the entire request list --- Sending Access-Reject of id 121 to 192.168.1.69 port 1645 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 2 ID 121 with timestamp 4669d1cd Nothing to do. Sleeping until we see a request. Anyone can help-me. Best regards -- /emmc