How "bind as user" mode works?
Rodrigo Abrantes Antunes
rodrigoantunes at pelotas.ifsul.edu.br
Thu Aug 17 14:02:06 UTC 2023
It didn't! That's what I said earlier and thats the reason why I
posted in the list.
Like I said, I followed that guide and it didn't work.
This is what the debug output says:
(25) ldap: WARNING: No "known good" password added. Ensure the admin
user has permission to read the password attribute
(25) ldap: WARNING: PAP authentication will *NOT* work with Active
Directory (if that is what you were trying to configure)
Citando Alan DeKok <aland at deployingradius.com>:
> On Aug 17, 2023, at 8:14 AM, Rodrigo Abrantes Antunes
> <rodrigoantunes at pelotas.ifsul.edu.br> wrote:
>> With TTLS + PAP I still need read access to the user password in AD right?
>
> No. You can do "bind as user". That's what I said.
>
>> This is what is said in the debug output at least, so it doesn't
>> help me because I don't have this access like I said earlier.
>
> Did you read what I said? TTLS+PAP means that "bind as user" will
> work. Which means that FreeRADIUS doesn't need to read the password.
>
> Stop arguing and go test it. It will work.
>
> Alan DeKok.
>
> -List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list