Question about LDAP authentication

Petit, Benoit b.petit at
Wed Jul 25 14:39:30 CEST 2018

Thank you very much Matthew for the quick answer! 


Benoit Petit
Analyste Technique | Technical Analyst
Sécurité et Intelligence Digitale TI | IT Security and Digital Intelligence
1 Carrefour Alexandre-Graham-Bell - Aile E - 3e étage - Verdun - QC - H3E 3B3
L'utilisation de ce message et régie par notre politique de courriel.
The use of this message is restricted by our mail policies.
Vacances : 24 août au 17 septembre

-----Message d'origine-----
De : Freeradius-Users < at> De la part de Matthew Newton
Envoyé : 25 juillet 2018 08:35
À : FreeRadius users mailing list <freeradius-users at>
Objet : Re: Question about LDAP authentication

On Wed, 2018-07-25 at 12:20 +0000, Petit, Benoit wrote:
> I have a quick question about LDAP authentication. The radius 
> authentication is working but when I check the logs in debug mode I 
> get a warning concerning LDAP. I'm wondering if this warning is 
> important and how I can get ride of it. I put  the ldap auth in the 
> /raddb/sites-available/default file but the following warning keeps 
> coming back, even tough the user's attributes are passed:
> WARNING: No "known good" password was found in LDAP.  Are you sure 
> that the user is configured correctly?

You normally authenticate by getting the good password from LDAP and then checking that the password is correct. This warning tells you that it wasn't able to get the password from LDAP.

If you are authenticating by binding to LDAP as the supplied user, then you don't need to get the password, so this message doesn't matter.

> The logs then continue and I receive an Accept-Accept for the session. 
> Is this warning relevant and how can I get rid of it?

Ignore it.


List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list