Hi all, I'm new to Freeradius but want to get it working for our local hack/makerspace to ensure we can provide decent QoS on the WiFi for our members. My LDAP server is https://github.com/lldap/lldap and that *does not* expose a "plain text password" field. I am running Freeradius via docker and I've uploaded my config at https://gist.github.com/proffalken/a6213dc7266a6a9800432b3c0e1b264d (passwords and domains have been changed to protect the innocent!) As you can see from the log below, the LDAP lookup works, however the authentication request is rejected because the "Auth-Type" is not found. I'm sure this is an obvious fix, but I've not been able to find an answer in my searching! I'm using the following command to test: radtest mmw pass1234 10.x.x.5 0 testing123 and this is the log: -=-=-=-=-=-=-=-=-=-= freeradius_1 | rlm_ldap (ldap): Reserved connection (0) freeradius_1 | (0) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User- Name}}) freeradius_1 | (0) ldap: --> (uid=mmw) freeradius_1 | (0) ldap: Performing search in "ou=people,dc=auth,dc=mydomain,dc=co,dc=uk" with filter "(uid=mmw)", scope "sub" freeradius_1 | (0) ldap: Waiting for search result... freeradius_1 | (0) ldap: User object found at DN "uid=mmw,ou=people,dc=auth,dc=mydomain,dc=co,dc=uk" freeradius_1 | (0) ldap: Processing user attributes freeradius_1 | (0) ldap: WARNING: No "known good" password added. Ensure the admin user has permission to read the password attribute freeradius_1 | (0) ldap: WARNING: PAP authentication will *NOT* work with Active Directory (if that is what you were trying to configure) freeradius_1 | rlm_ldap (ldap): Released connection (0) freeradius_1 | (0) [ldap] = ok freeradius_1 | (0) [expiration] = noop freeradius_1 | (0) [logintime] = noop freeradius_1 | (0) pap: WARNING: No "known good" password found for the user. Not setting Auth-Type freeradius_1 | (0) pap: WARNING: Authentication will fail unless a "known good" password is available freeradius_1 | (0) [pap] = noop freeradius_1 | (0) } # authorize = ok freeradius_1 | (0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject freeradius_1 | (0) Failed to authenticate the user freeradius_1 | (0) Using Post-Auth-Type Reject freeradius_1 | (0) # Executing group from file /opt/etc/raddb/sites- enabled/default freeradius_1 | (0) Post-Auth-Type REJECT { freeradius_1 | (0) attr_filter.access_reject: EXPAND %{User-Name} freeradius_1 | (0) attr_filter.access_reject: --> mmw freeradius_1 | (0) attr_filter.access_reject: Matched entry DEFAULT at line 11 freeradius_1 | (0) [attr_filter.access_reject] = updated freeradius_1 | (0) [eap] = noop freeradius_1 | (0) policy remove_reply_message_if_eap { freeradius_1 | (0) if (&reply:EAP-Message && &reply:Reply- Message) { freeradius_1 | (0) if (&reply:EAP-Message && &reply:Reply- Message) -> FALSE freeradius_1 | (0) else { freeradius_1 | (0) [noop] = noop freeradius_1 | (0) } # else = noop freeradius_1 | (0) } # policy remove_reply_message_if_eap = noop freeradius_1 | (0) } # Post-Auth-Type REJECT = updated -=-=-=-=-=-=-=-=-=-=- Thanks in advance! Matt