Problem with PPTP and LDAP authentication.

Joey McDonald jmcdice at
Mon Feb 6 22:06:09 CET 2006

Hey gang,

I'm still struggling getting freeradius and LDAP working to authenticate my
PPTP users. I'd really appreciate if one of the guru's could have a look.

I've wiped my old install and installed a fresh copy of freeradius and all
the config files.

Reading the list postings it's clearly best to make as few changes as
posible to the config files. So, the bit's I've changed in radiusd.conf are
as follows:

modules {
          ldap {
                server = ""
                # identity = "cn=admin,o=My Org,c=UA"
                # password = mypass
                basedn = "ou=people,dc=mycompany,dc=net"
                filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
                password_attribute = userPassword

I uncommented the ldap section under authenticate:

authenticate   {
Auth-Type LDAP {

Then, I added my client in clients.conf.

In users I added:

        Fall-Through = 1

Those are all the changes I've made to the default configurations.

I'm now storing my password(s) in the ldap directory in plain text. Using
radtest from another machine on the network authenticates from the LDAP
server just fine.

Authentication from my PPTP server always gives me the following:

rad_recv: Access-Request packet from host x.x.x.x:32792, id=112, length=149
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "joey"
        MS-CHAP-Challenge = 0x0a5f7e5035f0d2306105161cdf7060c4
        MS-CHAP2-Response =
        Calling-Station-Id = ""
        NAS-Identifier = "pptp"
        NAS-Port = 0
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authentication.
Login incorrect: [joey/<no User-Password attribute>] (from client
vpn-external port 0 cli
Sending Access-Reject of id 112 to x.x.x.x:32792

What am I doing wrong? Thanks so much!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list