FR3.0 and LDAP
Maja Wolniewicz
mgw at umk.pl
Mon Aug 12 23:28:31 CEST 2013
Dnia 12 sie 2013 o godz. 22:57 Arran Cudbard-Bell <a.cudbardb at freeradius.org> napisał(a):
>
> On 12 Aug 2013, at 21:47, Maja Wolniewicz <mgw at umk.pl> wrote:
>
>> W dniu 12.08.2013 21:36, Alan DeKok pisze:
>>> Maja Wolniewicz wrote:
>>>> In FR3.0 the Auth-Type=LDAP isn't set in the rlm_ldap module, the
>>>> authorize section ends with Auth-Type=PAP, so authentication goes to the
>>>> PAP module.
>>> That's what's supposed to happen when you use LDAP as a database.
>> Is there a way to decide which attribute is used in the PAP module?
>> I have in the ldap module config
>> update {
>> control:NT-Password := 'ntPassword'
>> control:Password-With-Header := 'userPassword'
>> }
>> and the PAP module uses NT encryption.
>> when I remove control:NT-Password line then CRYPT password is used
>> I would like the PAP module to use userPassword, I need ntPassword in the ldap module for PEAP authentication.
>
> Why? and no. Shouldn't they both be in sync?
In production yes, but for testing purposes sometimes we are using different passwords.
Maja
>
> Arran Cudbard-Bell <a.cudbardb at freeradius.org>
> FreeRADIUS Development Team
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
More information about the Freeradius-Devel
mailing list