AW: AW: AW: AW: AW: Freeradius + LDAP password trouble

Lionne Stangier lionne.stangier at
Mon Jul 19 16:13:36 CEST 2010

> Is there a double colon (::) after the userPassword attribute name in 
> the ldapsearch result? (e.g. userPassword:: xxxxxxxxxxxxxxxxx). If so 
> that means the attribute value was binary (had some non-ascii printing 
> character in it) so it was base64 encoded. This is a bit obscure, I 
> got tripped up by it recently too :-) Try base64 decoding the the 
> value. I bet it'll look like {hash}xxxxxxxxxxxx where hash is one of 
> sha1, md5, etc. and xxxxxxxxxxx is the hash digest of the password. 
> FWIW it's not unusual when a hashing to a digest to end up with a 
> non-ascii character (thus triggering the base64 encoding)

Yes the password it´s like you describe. I tested different forms in the ldap.attrmap now. Same trouble as before. 

We only load the schema on LDAP. Are there some different important settings?

More information about the Freeradius-Users mailing list