checkitem problem

Alan DeKok aland at deployingradius.com
Sat Sep 1 08:17:30 CEST 2007


Norbert Wegener wrote:
> rlm_ldap: looking for check items in directory...
> rlm_ldap: Adding primaryGroupID as Cleartext-Password == "515"

  OK...

>  modcall[authorize]: module "ldap" returns ok for request 11
>    users: Matched entry DEFAULT at line 2

  Yes... because you are telling the server what the clear-text password
is supposed to be.  If you tell the server TWICE, it will say OK twice.

  What sort of behavior do you expect?  "If cleartext password is
already set, don't set it again" ?  Nothing in the ldap or users file
documentation says that they do anything like that.

  If you want that functionality, see 2.0.

  Alan DeKok.



More information about the Freeradius-Users mailing list