Check LDAP password with SHA512

Arran Cudbard-Bell a.cudbardb at
Wed Jan 27 23:08:35 CET 2016

> On Jan 27, 2016, at 4:36 PM, Will W. <will at> wrote:
> Question
> With Start_TLS yes
> this is enabling the Freeradius to connect to the LDAP server over a TLS tunnel correct?

Yes, the connection starts off as plaintext, then the ldap client requests to establish a TLS tunnel.

Map looks OK.  You need to run ldapsearch with this invocation to see if the userPassword is being returned:

ldapsearch -H ldap:// —ZZ x -b "ou=Users,dc=myhost,dc=com" -D "uid=demouser,ou=Users,dc=myhost,dc=com" -w testing123 "(objectClass=posixGroup)" userPassword

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list