LDAP + CHAP

Adam Seed adamjseed at gmail.com
Wed Mar 5 16:50:39 CET 2014


I think i have it!

I dont think it allows passwords of 8 chars, anyone confirm?


On Wed, Mar 5, 2014 at 3:40 PM, Adam Seed <adamjseed at gmail.com> wrote:

> so as an example, I changed the user adamjseed password to oracle and it
> works, then changed it to oracle01 and it doesnt and then to oracle9999
> which does... all of which are passwords I have never used before in this
> setup.
>
> Is there anymore debugging I can enable?
>
>
> On Wed, Mar 5, 2014 at 3:30 PM, Adam Seed <adamjseed at gmail.com> wrote:
>
>> ok, something very strange is going on!!!!
>>
>> so I have been fiddling around with it getting a mix of accepted and
>> rejected commands and the only thing I have pined it down to is the
>> password...
>> Some passwords work, some dont im not sure if there is some kind of
>> caching going on. It appears my older passwords i was using during inital
>> testing dont work...
>>
>> The password I get back from ldap in the debug is always correct and
>> matches what I have put into the test utility but some get rejected. Any
>> ideas why?
>>
>>
>>
>>
>>
>> On Wed, Mar 5, 2014 at 1:18 PM, Alan DeKok <aland at deployingradius.com>wrote:
>>
>>> Adam Seed wrote:
>>> > I have two users:
>>> >
>>> > cn=adamjseed,ou=users,dc=adamjseed,dc=co,dc=uk
>>> > cn=guest,ou=users,dc=adamjseed,dc=co,dc=uk
>>> >
>>> > what's important is that the uid=cn in both cases
>>> >
>>> > guest works where adamjseed doesnt, if I change the uid (not cn) of
>>> > adamjseed to adamjseed1 it then does work.
>>> >
>>> > im guessing its conflicting with the dn?
>>>
>>>   I don't see how.  FreeRADIUS just queries LDAP for a password.
>>> FreeRADIUs doesn't care about cn, dn, or anything else.  LDAP returns
>>> the password, and FreeRADIUS uses it.
>>>
>>>   Run the queries manually.  Be sure that LDAP is returning the correct
>>> password in both cases.
>>>
>>>   Alan DeKok.
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140305/bf57f506/attachment.html>


More information about the Freeradius-Users mailing list