LDAP and FreeRadius

Phil Mayers p.mayers at imperial.ac.uk
Thu Aug 16 13:02:42 CEST 2012

On 08/16/2012 08:00 AM, Alan DeKok wrote:
> Phil Mayers wrote:
>> Bear in mind that rlm_ldap has some quite complex password processing
>> rules hard-coded into the source. In particular, I think that code
>> still, incorrectly, uses PW_USER_PASSWORD as the attribute, then
>> overrides it based on the presence and value of a {type} header:
>    That's what has been working for ~10 years.  I'm wary of breaking
> peoples systems in a minor release.

Oh totally - I'm not suggesting fiddling with the existing code, just 
noting that the reason the OP was getting the warning about 
User-Password versus Cleartext-Password was (I guess) rlm_ldap doing it, 
rather than anything he did.

More information about the Freeradius-Users mailing list