Freeradius-Users Digest, Vol 39, Issue 18 topic 5: freeradiuswith multiple ldap servers
Sambuddho Chakravarty
sc2516 at columbia.edu
Thu Jul 3 23:30:27 CEST 2008
Hello Ivan
Problem still the same
I changed :-
On Thu, 2008-07-03 at 22:20 +0100, Ivan Kalik wrote:
> >
> >Added to ldap.attrmap
> >---------------------------
> >checkItem Crypt-Password userPassword
> >
>
Removed this from ldap.attrmap
> Don't do that. userPassword is already mapped in ldap module:
>
> # password_attribute: Define the attribute which contains the user
> # password.
> # While integrating FreeRADIUS with Novell eDirectory, set
> # 'password_attribute = nspmpassword' in order to use the universal
> # password of the eDirectory users for RADIUS authentication. This will
> # work only if FreeRADIUS is configured to build with --with-edir option.
> #
> # default: NULL - don't add password
> #
> # password_attribute = "userPassword"
>
> # password_radius_attribute: Defined the RADIUS attribute where the
> extracted
> # user password will be stored to. Can be used to set it to NT-Password
> or any
> # other similar attribute instead of the default
> #
> # default: User-Password
> #
> # password_radius_attribute = "NT-Password"
>
> >Added to modules/ldap
> >
> >
> >ldap ldap1{
> > ....
> >
> > identity = (root DN)
> > password = (password for the root DN)
> >
> > password_header="{crypt}"
> > password_attribute=Crypt-Password
Yes changed this to password_radius_attribute=Crypt-Password
However , if I change the password_attribute=userPassword, the auth type
is detected wrongly as Local
auth: type Local
auth: user supplied User-Password does NOT match local User-Password
Thanks
Sambuddho
> No, not password_attribute but password_radius_attribute.
> password_attribute should remain userPassword (as it is by default).
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list