Freeradius-Users Digest, Vol 39, Issue 18 topic 5: freeradiuswith multiple ldap servers
Ivan Kalik
tnt at kalik.net
Thu Jul 3 23:20:39 CEST 2008
>
>Added to ldap.attrmap
>---------------------------
>checkItem Crypt-Password userPassword
>
Don't do that. userPassword is already mapped in ldap module:
# password_attribute: Define the attribute which contains the user
# password.
# While integrating FreeRADIUS with Novell eDirectory, set
# 'password_attribute = nspmpassword' in order to use the universal
# password of the eDirectory users for RADIUS authentication. This will
# work only if FreeRADIUS is configured to build with --with-edir option.
#
# default: NULL - don't add password
#
# password_attribute = "userPassword"
# password_radius_attribute: Defined the RADIUS attribute where the
extracted
# user password will be stored to. Can be used to set it to NT-Password
or any
# other similar attribute instead of the default
#
# default: User-Password
#
# password_radius_attribute = "NT-Password"
>Added to modules/ldap
>
>
>ldap ldap1{
> ....
>
> identity = (root DN)
> password = (password for the root DN)
>
> password_header="{crypt}"
> password_attribute=Crypt-Password
No, not password_attribute but password_radius_attribute.
password_attribute should remain userPassword (as it is by default).
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list