rlm_ldap and auto_header
Tim Palmer
tpalmer at bestweb.net
Wed Nov 12 22:15:20 CET 2008
Alan DeKok wrote:
> Tim Palmer wrote:
>
>> Full disclosure - I did try an install from ports, then removed the port
>> and rerun ldconfig. I did not recompile/install freeradius after the
>> port excercise.
>> =======
>> Why yes, I did map Cleartext-Password, since the debug error ( and
>> various list postings) seemed clear on that:
>>
>> ldap.attrmap:
>> checkItem Cleartext-Password userPassword
>>
>
> Don't do this. Delete this line. It's the SOURCE of all the problems.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
To no one's surprise, you all are correct that auto_header shouldn't be
needed in the ldap module. The Cleartext-Password mapping didn't help,
but my base, original problem was carrying over a "password_header =
"{crypt}" entry in the ldap module from our old (1.0.1) configuration.
Thanks for making it clear I shouldn't accept something just because it
works, if it isn't how it should work.
--
Tim Palmer
BestWeb Support
More information about the Freeradius-Users
mailing list