EAP-TTLS-PAP-LDAP
Phil Mayers
p.mayers at imperial.ac.uk
Fri Jul 14 11:26:20 CEST 2006
Rohaizam Abu Bakar wrote:
> rlm_ldap: Added password {CRYPT}$1$ZRXMvi1s$zBQaHYkaxDjGi5zL2geNN0 in
That's your problem.
The CVS version of FreeRadius has auto_header which will detect the
{type} in the password, strip it and put the password in the right
place. Try that. Or, write an external script (run via exec) to
manipulate the request correctly.
A couple more things:
1. You're doing the LDAP query on *every* radius request, which is
pointless for the EAP conversation. You can rework the config so that
doesn't happen - see the list archives for "eap AND 127.0.0.1"
2. You put your LDAP server admin name, password and IP into the debug
output. I'd change those ASAP...
More information about the Freeradius-Users
mailing list