Force PAP to use unix password instead of windows
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Mar 16 11:32:20 CET 2016
> On 16 Mar 2016, at 10:27, Stefan Paetow <Stefan.Paetow at jisc.ac.uk> wrote:
>
>> I have freeradius authenticating users with a ldap backend. In my ldap configuration I have:
>>
>> update {
>> control:Password-With-Header += 'userPassword'
>> control:NT-Password := 'sambaNTPassword'
>> control:LM-Password := 'sambaLMPassword'
>> ...
>> }
> [snip]
>> Is there any way to force the use the password in the userPassword attribute instead of NT/LM one?
>
> Disable the two lines for the 'samba??Password' entries?
Or if only some LDAP entries have a cleartext password:
if (&control:Password-With-Header) {
update control {
control:NT-Password !* ANY
control:LM-Password !* ANY
}
}
-Arran
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160316/72c89dc3/attachment.sig>
More information about the Freeradius-Users
mailing list