Hi again List, Thank very much Alan, I am so sorry if I am a little bit bothering ... but all seems to be jumbled in my head. So I have some questions: - is the cipher login/password which comes from CopSpot(or any captive portal) deciphered before ipcop sends it to freeradius-server? (It's a kind of question which can not be asked here but ... never know) - the authentication type set in ipcop is just "radius" (and its ip), so I don't understand why the packet contains CHAP? according to http://deployingradius.com/documents/configuration/active_directory.html, centralizing the authentication in samba will work fine, but I want to do it against ldap. I think, what's wrong here is that I added users by smbldap-useradd, not simply ldapadd (which won't work actually, it says: "invalid credentials") ... - So how can I force freeradius to use pap (to be able to authenticate it against ldap) even the passwd/login is tls ciphered (from chilispot)????I m really convinced that that's not possible, even senseless but I have to know why ... Finally, once again, I really want to thank the list for your availability, the freeradius dev. team, because this is a success for the open source community. Thanks, On Thu, Apr 22, 2010 at 4:45 PM, Alan DeKok <aland@deployingradius.com>wrote:
Johnny R wrote:
The authentication worked well locally against openldap (in the same server). When an user try to connect to internet in the Blue Zone (WLAN), it generates the following error in the radius-server. I am really stuck here, any help will be welcome.
Look at the debug log. The packet contains CHAP, and the database has only NT-Password and LM-Passwords. They are simply not compatible:
http://deployingradius.com/documents/protocols/compatibility.html
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- ----------------------------------------------------------------- |JJohnny RANDRIAMAMPIONONA | | Phone: +212663682554 | | National School of Applied Sciences | | 1818 TANGIER 90000 | |----------------------------------------------------------------|