No "known good" password was found in LDAP
newtownz
jean466 at sympatico.ca
Thu Jul 22 21:26:13 CEST 2010
Hi,
I have a setup with a laptop, access point, wireless controller, FreeRADIUS
2.1.8 (Ubuntu 10.04) and SLES 10 eDirectory.
When I put the username and password in the users file, everything works fine
(802.1x, PEAP).
When I try to move authentication to the eDirectory with LDAP, I get the
warning "no known..." but then the user is authorized ([ldap] user aruba
authorized to use remote access).
[ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=aruba)
[ldap] expand: o=org -> o=org
[ldap] ldap_get_conn: Checking Id: 0
[ldap] ldap_get_conn: Got Id: 0
[ldap] attempting LDAP reconnection
[ldap] (re)connect to xxx.yyy.110.136:389, authentication 0
[ldap] bind as cn=admin,o=org/admin to xxx.yyy.110.136:389
[ldap] waiting for bind result ...
[ldap] Bind was successful
[ldap] performing search in o=org, with filter (uid=aruba)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
[ldap] looking for reply items in directory...
WARNING: No "known good" password was found in LDAP. Are you sure that the
user is configured correctly?
[ldap] user aruba authorized to use remote access
[ldap] ldap_release_conn: Release Id: 0
The password stored in eDirectory is valid.
My understanding of eDirectory is that it will never let you see the actual
password of a user; it will hash it first. Is this behavior of FreeRADIUS
normal?
Later in the process the user is rejected because no Auth-Type was found.
Is this related?
Jean
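An added example, not part of the original post: a small triage script for debug output like the log quoted above. It reports each user that the ldap module authorized while also logging the "known good" password warning. The function names are hypothetical, the "aruba" lines are copied from the post, and the "bob" lines are constructed for contrast.

```python
import re

# "aruba" lines are copied from the post above; the "bob" lines are
# constructed to show a lookup that logs no password warning.
SAMPLE = """\
[ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=aruba)
[ldap] bind as cn=admin,o=org/admin to xxx.yyy.110.136:389
[ldap] Bind was successful
[ldap] performing search in o=org, with filter (uid=aruba)
[ldap] looking for check items in directory...
WARNING: No "known good" password was found in LDAP. Are you sure that the
user is configured correctly?
[ldap] user aruba authorized to use remote access
[ldap] performing search in o=org, with filter (uid=bob)
[ldap] looking for check items in directory...
[ldap] user bob authorized to use remote access
"""

SEARCH = re.compile(r"\[ldap\] performing search in .*, with filter \(uid=([^)]+)\)")
NO_PW = re.compile(r'WARNING: No "known good" password was found in LDAP')
AUTHZ = re.compile(r"\[ldap\] user (\S+) authorized to use remote access")

def triage(text):
    """Return {user: {"authorized": bool, "no_password_warning": bool}}."""
    results, current = {}, None
    for line in text.splitlines():
        m = SEARCH.search(line)
        if m:  # a new directory lookup starts here
            current = m.group(1)
            results[current] = {"authorized": False, "no_password_warning": False}
            continue
        if current is None:  # lines before the first search (expand, bind)
            continue
        if NO_PW.search(line):  # matches even when the archive wrapped the line
            results[current]["no_password_warning"] = True
        m = AUTHZ.search(line)
        if m and m.group(1) == current:
            results[current]["authorized"] = True
    return results

def authorized_without_password(text):
    """Users the ldap module authorized although it logged the warning."""
    return sorted(u for u, r in triage(text).items()
                  if r["authorized"] and r["no_password_warning"])

if __name__ == "__main__":
    for user, state in triage(SAMPLE).items():
        print(user, state)
```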