this is the server log output: # radiusd -X > log.radius I don't understand what "**WARNING: No "known good" password was found in LDAP. Are you sure that *the **user is configured correctly?*" means? what is freeradius expecting from the openldap user's configuration? and, why if I enter sambaNTPassword works fine? Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on command file /var/run/radiusd/radiusd.sock Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 10.202.10.93 port 60123, id=47, length=165 User-Name = "nicolas.guerra" Called-Station-Id = "A0-F3-C1-CF-E3-06:OpenWrt" NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Calling-Station-Id = "CC-FE-3C-92-E0-1B" Connect-Info = "CONNECT 54Mbps 802.11g" Framed-MTU = 1400 EAP-Message = 0x02dc0013016e69636f6c61732e677565727261 Message-Authenticator = 0xb415d249f91323467312cdea8bd9ff84 # Executing section authorize from file /etc/raddb/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "nicolas.guerra", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 220 length 19 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop [ldap] performing user authorization for nicolas.guerra [ldap] expand: (uid=%u) -> (uid=nicolas.guerra) [ldap] expand: ou=People,ou=Users,dc=asse -> ou=People,ou=Users,dc=asse [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] attempting LDAP reconnection [ldap] (re)connect to ldap:389, authentication 0 [ldap] bind as / to ldap:389 [ldap] waiting for bind result ... [ldap] Bind was successful [ldap] performing search in ou=People,ou=Users,dc=asse, with filter (uid=nicolas.guerra) [ldap] No default NMAS login sequence [ldap] looking for check items in directory... [ldap] looking for reply items in directory... *WARNING: No "known good" password was found in LDAP. Are you sure that the **user is configured correctly?** *[ldap] user nicolas.guerra authorized to use remote access [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop *[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.** *++[pap] returns noop Found Auth-Type = EAP # Executing group from file /etc/raddb/sites-enabled/default +- entering group authenticate {...} [eap] EAP Identity [eap] processing type md5 rlm_eap_md5: Issuing Challenge ++[eap] returns handled Sending Access-Challenge of id 47 to 10.202.10.93 port 60123 EAP-Message = 0x01dd001604107fe91282f5b1fe93fa0490f7444fb1f6 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x02a12214027c2680a4308d96285f86cc Finished request 0. any help woould be wellcome, Sds Nicolas.