FW: MS-CHAP-v2 and CHAP with different passwords in LDAP

Edvin Seferovic edvin.seferovic at kolp.at
Sun Dec 9 00:35:34 CET 2007

> http://deployingradius.com/documents/protocols/compatibility.html

Read it !

> If you're doing "bind as user" in LDAP, read this:

Nope - just using LDAP as storage and accessing it with a privileged user
that has R/O access to the user profiles

> You don't do attribute mappings.  See the "ldap" section in
> radiusd.conf, and look for "password_attribute".

Okay - did that now. MS-CHAP still working. Voila - CHAP works as well !

>> password_header = "{clear}"
>> password_attribute = "userPassword"
>> password_radius_attribute = "User-Password"
>  Where did that last line come from?

http://wiki.freeradius.org/Rlm_ldap << from here ! Wasn't sure if that was
the right for me. 

> See the FAQ for "it doesn't work".

My FAQ says "Find the typo and go to sleep" :)

Thanks Alan !

Kind regards,

More information about the Freeradius-Users mailing list