LDAP and FreeRadius

Phil Mayers p.mayers at imperial.ac.uk
Wed Aug 15 17:45:31 CEST 2012


On 15/08/12 16:13, Fajar A. Nugraha wrote:

>
> Something is setting User-Password check item. If you store the

Bear in mind that rlm_ldap has some quite complex password processing 
rules hard-coded into the source. In particular, I think that code 
still, incorrectly, uses PW_USER_PASSWORD as the attribute, then 
overrides it based on the presence and value of a {type} header:

https://github.com/alandekok/freeradius-server/blob/v2.1.x/src/modules/rlm_ldap/rlm_ldap.c#L1545

In particular, AFAICT if password_attribute is set, and auto_header is 
unset, then the attribute added will be User-Password.


More information about the Freeradius-Users mailing list