On 16 Mar 2016, at 10:27, Stefan Paetow <Stefan.Paetow@jisc.ac.uk> wrote:
I have freeradius authenticating users with a ldap backend. In my ldap configuration I have:
update { control:Password-With-Header += 'userPassword' control:NT-Password := 'sambaNTPassword' control:LM-Password := 'sambaLMPassword' ... } [snip] Is there any way to force the use the password in the userPassword attribute instead of NT/LM one?
Disable the two lines for the 'samba??Password' entries?
Or if only some LDAP entries have a cleartext password: if (&control:Password-With-Header) { update control { control:NT-Password !* ANY control:LM-Password !* ANY } } -Arran Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS development team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2