Fw: freeradius and ldap using chap
Eric Eric
eric121233 at yahoo.com
Mon Feb 22 13:41:36 CET 2010
When I remove ldap-Vpn from authenticate part error is:
rlm_chap: login attempt by "test" with CHAP password
rlm_chap: Could not find clear text password for user test
Login incorrect (rlm_chap: Clear text password not available): [test] (from client vpntist port 128 cli 10.10.10.24)
what is wrong in my config?any help?
--- On Sun, 2/21/10, Eric Eric <eric121233 at yahoo.com> wrote:
From: Eric Eric <eric121233 at yahoo.com>
Subject: Fw: freeradius and ldap using chap
To: freeradius-users at lists.freeradius.org
Date: Sunday, February 21, 2010, 1:33 PM
Hi
I want to change authentication pap to chap. The users with clear passwords are in ldap server. The error is :
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authentication. Cannot use "CHAP-Password".
Login incorrect (rlm_chap: Clear text password not available):
I saw the problem in faq but I didn't find what is my mistake. The config is:
in users :
DEFAULT Client-IP-Address ==
10.10.10.2 , Auth-Type := Vpn, Autz-Type := Vpn, Post-Auth-Type := Vpn, Session-type := Vpn
in radius.conf:
ldap ldap-Vpn{
....
password_attribute =
userPassword
password_header = "{clear}"
}
authorize {
chap
Autz-Type Vpn{
ldap-Vpn
chap
}
}
authenticate {
Auth-Type CHAP {
chap
}
Auth-Type Vpn{
chap
ldap-Vpn
}
}
....
what is my mistake? should I do any other config or change in ldap.attrmap?
-----Inline Attachment Follows-----
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100222/3144c011/attachment.html>
More information about the Freeradius-Users
mailing list