Eureka
Didn`t really know what you where talking about, but I changed the ldap.attrmap to make lm and ntpassword checkitems instead of replyitems. And.. it worked.:-) I suggest you tell someon to chage the ldap.atrrmap in the sources, cause I can`t imagine a more commen use of the lm/nt-password than to use them for authentication with MS-Chap. So they should be checkitems by default shouldn`t they? And another thing! It is quite hard to understand how freeradius works if everyone is using differnent expressions for one thing. For example it was not easy to get the idea that check-items would be what you ment with saying: >"Instead of configuring NT-Password and LM-Password for user you >add these attributes to RADIUS reply" Well, thanks a lot for your help I guess someone will have to spend a lot of work for a good domcumentation. I will try to at least write a howto for what I have done if i find the time :-|. If you can also help me with my other posting: "Multiple LDAP instances mapped to NAS-IP-Address -- and MSCHAP?" I will hug you virtually :-) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
