Need help Configuring Radius and Ldap

James Winter james.winter at saintjoe.edu
Mon Dec 6 15:06:09 CET 2010


> ...there was no "userPassword" (or it wasn't readable)

I think I have a problem with Ldap reading the password correctly. If  
i have read correctly, it needs a clear text password....

> Secondly, the debug output you posted returns an "Access-Accept"  
> because, although the LDAP module was unable to see a userPassword  
> attribute on the LDAP entry, a later module sets the Auth-Type to  
> "ntlm_auth" and your server then obeys that.

I shall comment this line out, and try it out today

>
> This is all a non-standard config, so *someone* has configured the  
> server - was it you?

I have been working on configuring the server for a little bit now. I  
tried following several different online manuals before I consulted  
the group.

>
>>
>> The remote device also told me that the authentication was invalid. I
>
> Well, FreeRadius sent an Access-Accept. What is the remote device?  
> If you hadn't trimmed the debugging output I might be able to  
> suggest more.

The radius server would tell me Access-Accept, but then my remote  
device would not let me login. The current remote device is a hp pro- 
curve 5412.

>
>> was able to successfully authenticate on this device by using the
>> local users file(on the radius server).
>
> So compare the reply in that case with the reply in this case, and  
> configure the radius server to send the same attributes.

Will try this today, thank you very much for the informative advice.

- james



More information about the Freeradius-Users mailing list