28 Feb
2011
28 Feb
'11
3:10 p.m.
Kyle Jake Plimack wrote:
I've configured radius to use ldap for authorization and authentication. Authorization works fine, but will allow access to authorized users without a correct password.
No.
Why? ldap stores passwords using SSHA encryption.
That doesn't change anything.
Is there any way to: a. provide radius with the key/salt so it can compare the passwords properly
It will do that automatically.
b. have radius bind as the user to check that the password is correct?
It will do that automatically.
c. option I haven't thought of yet?
Post the debug output, as suggested in the FAQ, README, INSTALL, "man" page, web site, and nearly daily on this list? Alan DeKok.