Freeradius v3.0.11 LDAP "userpassword: {SASL}bob" problems
Kouata Modibo
sande7kouata at gmail.com
Wed Jun 15 10:54:02 CEST 2016
Hello,
I installed freeradius version 3.0.11. I have two LDAP directory servers.
An LDAP server prinicpal A that contains all users. and an LDAP server B
directly connected to radius server (same network). LDAP server B contacts
the prinicpal server A when needed to authenticate a user. The password
fields of users on the server B are in the form
userpassword: {SASL}bob
bob is the username. Here is a part of debug output when authentificating a
user:
rlm_ldap (ldap): Reserved connection (2)
(8) ldap: EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(8) ldap: --> (uid=kouata)
(8) ldap: Performing search in "dc=example,dc=com" with filter "(uid=bob)",
scope "sub"
(8) ldap: Waiting for search result...
ldap: User object found at DN
"uid=bob,ou=People,o=Myentreprise,dc=example,dc=com"
(8) ldap: Processing user attributes
(8) ldap: control:Password-With-Header += '{SASL}bob'
rlm_ldap (ldap): Released connection (2)
(8) [ldap] = updated
(8) [expiration] = noop
(8) [logintime] = noop
(8) pap: Unknown header {{SASL}} in Password-With-Header, re-writing to
Cleartext-Password
(8) pap: Removing &control:Password-With-Header
My radius server can not authenticate users from LDAP server B.
Can anyone help me?
thank you!
More information about the Freeradius-Users
mailing list