Help connecting to remote ldap server
John Dennis
jdennis at redhat.com
Thu Jun 24 18:33:10 CEST 2010
On 06/24/2010 12:21 PM, Raymond Norton wrote:
> [ldap] looking for reply items in directory...
> WARNING: No "known good" password was found in LDAP. Are you sure that
> the user is configured correctly?
You don't have the userPassword mapped in /etc/raddb/ldap.attrmap
But even if you did, ldap has this:
userPassword:: e1NIQX13ak83dXhlS3FYR0NFVlhPTEVzVUo4OW9DWFE9
and the request has this:
User-Password = "password"
They aren't the same are they? The LDAP entry looks like a hash, you'll
have to figure out which kind. Note it does not contain a {hash} prefix
so FreeRADIUS can't figure what kind of hash it is. You'll have to force
that with the right radius attribute for userPassword in ldap.attrmap.
But you better look at this:
http://deployingradius.com/documents/protocols/compatibility.html
and understand the consequences.
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeradius-Users
mailing list