LDAP Data Mangling
Alan DeKok
aland at deployingradius.com
Thu Sep 9 12:19:25 CEST 2010
Kevin Ehlers wrote:
> I found a solution that works in the mean-time by writing a perl module.
> I'm using the perl module during the authorize section in the
> inner-tunnel virtual server. What it does is query ldap, and get the
> nt-password attribute from our ldap server. It then does a $nt-password
> =~ /^{nthash}(.*)$/. From there, I update the control packet
> $RAD_CHECK{NT-Password} = $1. And then it returns OK.
OK...
> It looks like the ldap module rejects the password and doesn't store it
> in the User-Password or NT-Password field.
I don't see why. It should be able to read *anything* from the ldap
password field, and put it into the RADIUS password attribute.
Alan DeKok.
More information about the Freeradius-Users
mailing list