Help connecting to remote ldap server
Raymond Norton
admin at lctn.org
Thu Jun 24 20:04:33 CEST 2010
Thanks for the info. I'm not sure how to determine what to use in
ldap.attrmap, but will see what I can figure out.
One question though; before attempting this current setup, I installed
freeradius_1.1.0-1ubuntu2.1_i386.deb and ldap on the same localhost..
radtest and authenticating via WPA worked perfectly using the same user
credentials I am using today from my new radius server. The difference
is the version and the fact the radius server is on a different box.
What might need to be configured differently now that freeradius is on a
seperate box?
On 6/24/2010 11:33 AM, John Dennis wrote:
> On 06/24/2010 12:21 PM, Raymond Norton wrote:
>
>> [ldap] looking for reply items in directory...
>> WARNING: No "known good" password was found in LDAP. Are you sure that
>> the user is configured correctly?
>
> You don't have the userPassword mapped in /etc/raddb/ldap.attrmap
>
> But even if you did, ldap has this:
>
> userPassword:: e1NIQX13ak83dXhlS3FYR0NFVlhPTEVzVUo4OW9DWFE9
>
> and the request has this:
>
> User-Password = "password"
>
> They aren't the same are they? The LDAP entry looks like a hash,
> you'll have to figure out which kind. Note it does not contain a
> {hash} prefix so FreeRADIUS can't figure what kind of hash it is.
> You'll have to force that with the right radius attribute for
> userPassword in ldap.attrmap.
>
> But you better look at this:
>
> http://deployingradius.com/documents/protocols/compatibility.html
>
> and understand the consequences.
>
More information about the Freeradius-Users
mailing list