ldap question
Craig White
craigwhite at azapple.com
Wed Dec 10 18:37:15 CET 2008
still a few issues so I upgraded to 2.1.1 and in debug mode (and I have
enabled ldap), I see this...
[ldap] checking if remote access for $SOME_USER is allowed by uid
[ldap] looking for check items in directory...
rlm_ldap: sambaNtPassword -> NT-Password == 0x...
rlm_ldap: sambaLmPassword -> LM-Password == 0x...
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP. Are you sure that
the user is configured correctly?
[ldap] user $SOME_USER authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
++[ldap] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Normalizing NT-Password from hex encoding
[pap] Normalizing LM-Password from hex encoding
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
should I just disable pap? (I can't think of anything that I need to use
it for) OR...
considering that the LDAP 'userPassword' is essentially the same
password that is contained in sambaNTPassword and sambaLMPassword, do I
just somehow enable
# password_attribute = "userPassword"
as it talks about in rlm_ldap doc file?
Craig
More information about the Freeradius-Users
mailing list