Hi again Alan,
> Configure the "password_header" entry in the ldap{} section, in
> radiusd.conf.
already done, but in the doc it's said it just strips away the {CRYPT} substring
of the crypted passwd. Still have to put the encrypted password in the popup box
to make it work...
>You can also map that LDAP entry to the Crypt-Password
> attribute, and the server will figure it out from there.
Also tried it:
checkItem LM-Password lmPassword
checkItem NT-Password ntPassword
checkItem Crypt-Password userPassword
checkItem SMB-Account-CTRL-TEXT acctFlags
But it doesn't seem to change a lot of things:
rlm_ldap: Adding userPassword as Crypt-Password, value { & op=21
rlm_ldap: Adding ntPassword as NT-Password, value
EFAC11B52777F8D7A34BDC1A0F89228D & op=21
rlm_ldap: Adding lmPassword as LM-Password, value
136BE46417241D68AAD3B435B51404EE & op=21
rlm_ldap: looking for reply items in directory...
I tried it with and without setting the password_attribute and password_header
in the radiusd.conf. Result is the same. Anyway in the freeradius sources i
can't find any reference to Crypt-Password in the rlm_ldap module, and in main.c
it seems to be a reference to a user-provided password, not to the backend db.
I'm using 0.9.3 do i need a CVS version ?
Thanks again ....
Arnauld
--
Arnauld Dravet
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
