ldap authentication failure

Alan DeKok aland at nitros9.org
Fri Apr 21 18:35:46 CEST 2006

"Abey Thomas" <abeyth at gmail.com> wrote:
> However in the same setup when I try to get the port authenticated for the
> WinXP client
> using EAP-MD5 it is being rejected

  You've listed "ldap" before "eap" in the "authorize" section.  Don't
do that.  The default config has them in the other order for a reason.

> rlm_ldap: performing search in o=3Dexample, with filter (uid=3Dabey)
> rlm_ldap: looking for check items in directory...
> rlm_ldap: looking for reply items in directory...

  You don't store the clear-text password in LDAP, so it's impossible
to do EAP-MD5.

  Store the clear-text password in LDAP, and list the modules in the
order used by the default config file.

  Alan DeKok.

More information about the Freeradius-Users mailing list