problem with LDAP backend
Alan DeKok
aland at deployingradius.com
Wed Aug 31 18:30:45 CEST 2011
Frank Bonnet wrote:
> MAC addresses for some video devices in the "users" file
> as follows :
>
> 00-06-F4-0D-08-66 Auth-Type := Local, User-Password == "xxxxxxxx"
That's wrong. See the debug output for reasons why. See the FAQ for
correct examples.
> LDAP backend for "real" users at the end of the "users" file I have this
> statement
>
> DEFAULT Auth-Type = LDAP
> Fall-Through = 1
That's not needed.
> Wed Aug 31 16:52:39 2011 : Auth: rlm_ldap: Attribute "User-Password" is
> required for authentication. Cannot use "CHAP-Password".
That's pretty clear. The NAS is sending a CHAP request. You can't do
that with "Auth-Type LDAP"
Instead, list "ldap" in the "authorize" section.
Don't set Auth-Type. It's almost always wrong.
Alan DeKok.
More information about the Freeradius-Users
mailing list