yet ANOTHER EAP-TTLS/PAP with OpenLDAP problem ...
Ivan Kalik
tnt at kalik.net
Fri Mar 28 22:45:32 CET 2008
>rlm_ldap: Added User-Password = {SSHA}*SANITIZED*e2E52K+sO/SC+wvE*SANITIZED*== in check items
You have obviously ignored the warnings about storing User-Password
attribute:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in
User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Should they be more obvious? So server translates User-Password to
Cleartext-Password and the check fails since the password is encrypted.
Configure ldap section to use SSHA-Password as password attribute instead.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list