LDAP and FreeRadius
Fajar A. Nugraha
list at fajar.net
Thu Aug 16 06:58:47 CEST 2012
On Wed, Aug 15, 2012 at 10:45 PM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> On 15/08/12 16:13, Fajar A. Nugraha wrote:
>
>>
>> Something is setting User-Password check item. If you store the
>
>
> Bear in mind that rlm_ldap has some quite complex password processing rules
> hard-coded into the source. In particular, I think that code still,
> incorrectly, uses PW_USER_PASSWORD as the attribute, then overrides it based
> on the presence and value of a {type} header:
>
> https://github.com/alandekok/freeradius-server/blob/v2.1.x/src/modules/rlm_ldap/rlm_ldap.c#L1545
>
> In particular, AFAICT if password_attribute is set, and auto_header is
> unset, then the attribute added will be User-Password.
Hmm ... I wonder if simply replacing PW_USER_PASSWORD with
PW_CLEARTEXT_PASSWORD there will work :)
--
Fajar
More information about the Freeradius-Users
mailing list