Odd issue with auth-type:ldap

Arran Cudbard-Bell a.cudbardb at freeradius.org
Thu Sep 8 22:52:33 CEST 2011


> 
> 
> Debugging what goes on in the background, the underlying complaint is
> "must bind to perform.." in case #2.
> 
> The first case (from a pcap trace) does to the search as defined user
> (in radiusd.conf) and then bind as the "found" DN, so it's not as if
> debugging forces a valid return on all queries.
> 
> Any ideas?

Build a recent version from source, see if its still broken/acting weird :).

> Related question .. is there an easier way to pass plaintext (to Radius)
> credentials into AD (and determine group membership) like auth_ntlm
> does? .. I know how to call ntlm_auth with plaintext credentials and
> return a success but can't seem to get freeradius to use that as an
> auth-type.
> 

It's not going to, it's an instance of the exec module.

http://wiki.freeradius.org/NTLM%20Auth%20with%20PAP%20HOWTO

-Arran

Arran Cudbard-Bell
a.cudbardb at freeradius.org

RADIUS - Half the complexity of Diameter




More information about the Freeradius-Users mailing list