EAP-TTLS-PAP-LDAP
Rohaizam Abu Bakar
haizam at myjaring.net
Sat Jul 15 09:58:02 CEST 2006
Thanks Phil.. what a stupid move to paste all that passwd.. I've changed it
as soon as i get ur mail... thanks again...
cannot find any article related to repeating LDAP query for EAP... pls
help..
I think the problem coz by RADIUS cannot figure out to set Auth-Type and
then it require plain passwd.. When I change password to plain. with the
same setting.. it's working...
--haizam
----- Original Message -----
From: "Phil Mayers" <p.mayers at imperial.ac.uk>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Friday, July 14, 2006 5:26 PM
Subject: Re: EAP-TTLS-PAP-LDAP
> Rohaizam Abu Bakar wrote:
>> rlm_ldap: Added password {CRYPT}$1$ZRXMvi1s$zBQaHYkaxDjGi5zL2geNN0 in
>
> That's your problem.
>
> The CVS version of FreeRadius has auto_header which will detect the {type}
> in the password, strip it and put the password in the right place. Try
> that. Or, write an external script (run via exec) to manipulate the
> request correctly.
>
> A couple more things:
>
> 1. You're doing the LDAP query on *every* radius request, which is
> pointless for the EAP conversation. You can rework the config so that
> doesn't happen - see the list archives for "eap AND 127.0.0.1"
>
> 2. You put your LDAP server admin name, password and IP into the debug
> output. I'd change those ASAP...
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list