rlm_ldap: Attribute "User-Password" isrequired forauthentication

Stefan.Neis at t-online.de Stefan.Neis at t-online.de
Wed Jul 27 14:08:50 CEST 2005


>   modcall[authorize]: module "files" returns ok for request 0
> modcall: group authorize returns updated for request 0
>   rad_check_password:  Found Auth-Type LDAP
> auth: type "LDAP"
>   Processing the authenticate section of radiusd.conf
> modcall: entering group Auth-Type for request 0
> rlm_ldap: - authenticate
> rlm_ldap: Attribute "User-Password" is required for authentication.
> Any ideas where I might go wrong?

I guess you're telling the RADIUS server to _always_ do LDAP, even
if it's the "outer" protocol where "EAP-TTLS" is needed, not only 
for the "inner" protocol which is using PAP.
Look into the mailing list archives for "FreeRadius-Proxied-To"
(or something similar) on how to tell apart packets of "outer" and
"inner" protocol and set the Auth-Type only for the "inner" one.

        Hope this isn't to cryptic and does help,

More information about the Freeradius-Users mailing list