Freeradius Ldap mosule is authenticating with wrong password also
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Sun Jul 24 13:48:34 CEST 2011
Hi,
> DEFAULT LDAP-Group == "CiscoRWL2Lr", Auth-Type := Accept
> Reply-Message = "Welcome! You have administrative access.",
> Service-Type = NAS-Prompt-User,
> cisco-avpair = "shell:priv-lvl=15"
as already said, you've configured your RADIUS server to accept
ANYONE who is in the CiscoRW2Lr group - even if their password
is 100% wrong. Auth-Type := Accept opens your box to basically not
caring about authentication.... only authorization.
remove the auth-type and ensure your authentication is working -
which will need some work for AD
alan
More information about the Freeradius-Users
mailing list