Request about implementation of alternate authentication mechanism in freeradius

Michal Vymazal Michal.Vymazal at
Tue Apr 29 16:08:09 CEST 2014

No exactly.
We want to enable to ldap to use more than one password for one service.

Means - hash no. 1 not match - ldap will try the hash no. 2  etc.


Dne 29.4.2014 16:02, Matthew Newton napsal(a):
> On Tue, Apr 29, 2014 at 02:44:12PM +0200, Michal Vymazal wrote:
>> We are going to append binary code to some ldap modules - the goal is to
>> enable ldap to use "alternate passwords" for some ldap entries. Means,
>> every app using ldap bind will can use "alternate passwords" to verify
>> the user access. Useful for the environment of mobile devices etc.
> This is difficult to understand, but sounds like you want to just
> use two instances of ldap, checking different LDAP password
> attributes, with failover? In which case, no code changes
> required.
> Matthew

Michal Vymazal
work: CESNET, z.s.p.o.
AAI Department
Zikova 4, 160 00 Praha 6
Czech Republic

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3244 bytes
Desc: Elektronicky podpis S/MIME
URL: <>

More information about the Freeradius-Devel mailing list