Alan DeKok aland at deployingradius.com
Thu Jul 29 09:09:35 CEST 2010

Tom Leach wrote:
> Alan, changing from User-Password to Password-With-Header brought back
> the 'No "known good" password' error.  I'm going through the rlm_pap.c
> code to try to see what's going on here.  I haven't found any docs yet
> on what the various mapping possibilities are and what they do.  Do you
> have a pointer to any so I don't keep bugging you and the list?
> I agree with the 'get it work, then tune it' approach.  That's where I'm
> at now.  It's working, I'm just trying to make all the messages go away :)

  PLEASE don't get excited about warning messages.  They're just
messages.  It's not worth it to spend days trying to make the messages
go away.  If the server works, it works.

> Here is a snippet from radiusd -X:
> [ldap-server1] Added Crypt-Password = 4gOgBZqZgtwIw in check items
> [ldap-server1] looking for check items in directory...
>   [ldap-server1] userPassword -> Password-With-Header ==
> "{crypt}4gOgBZqZgtwIw"
> [ldap-server1] looking for reply items in directory...
> WARNING: No "known good" password was found in LDAP.  Are you sure that
> the user is configured correctly?

  That message will go away in 2.1.10, if you're using Password-With-Header.

  Alan DeKok.

More information about the Freeradius-Users mailing list