LDAP and FreeRadius
Fajar A. Nugraha
list at fajar.net
Wed Aug 15 16:01:36 CEST 2012
On Wed, Aug 15, 2012 at 8:54 PM, Sonny Taberman
<sonny.taberman at lan-master.eu> wrote:
> Hi everyone.
> This is my first post to this list.
>
> I have set up freeradius (V2.1.12) together with openldap (V2.4.31) and so with some success I think.
> But I have to say that setting this up using only users-file was a breeze.
> Setting up freeradius with ldap not so simple.
> I am using cleartext password in ldap. I am not using any special schema for freeradius in my ldap-setup.
> My problem is something I noticed many other users has struggled with and that is this part from my debug output:
> ++[pap] returns noop
> Found Auth-Type = EAP
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> !!! Replacing User-Password in config items with Cleartext-Password. !!!
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> !!! Please update your configuration so that the "known good" !!!
> !!! clear text password is in Cleartext-Password, and not in User-Password. !!!
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> # Executing group from file /etc/raddb/sites-enabled/default
> +- entering group authenticate {...}
>
> So you say what is the problem, the solution is in your debug message?
>
> I have to say it's not.
> I can't find where to modify my config so this message does not repeat in my log/debug.
>
> So please what do I have to do to get rid of this problem?
Does your ldap.attrmap look like this?
https://github.com/alandekok/freeradius-server/blob/v2.1.x/raddb/ldap.attrmap
In particular look for "Password-With-Header"
--
Fajar
More information about the Freeradius-Users
mailing list