Hi again Alan, > Configure the "password_header" entry in the ldap{} section, in > radiusd.conf.
already done, but in the doc it's said it just strips away the {CRYPT} substring of the crypted passwd. Still have to put the encrypted password in the popup box to make it work... >You can also map that LDAP entry to the Crypt-Password > attribute, and the server will figure it out from there. Also tried it: checkItem LM-Password lmPassword checkItem NT-Password ntPassword checkItem Crypt-Password userPassword checkItem SMB-Account-CTRL-TEXT acctFlags But it doesn't seem to change a lot of things: rlm_ldap: Adding userPassword as Crypt-Password, value { & op=21 rlm_ldap: Adding ntPassword as NT-Password, value EFAC11B52777F8D7A34BDC1A0F89228D & op=21 rlm_ldap: Adding lmPassword as LM-Password, value 136BE46417241D68AAD3B435B51404EE & op=21 rlm_ldap: looking for reply items in directory... I tried it with and without setting the password_attribute and password_header in the radiusd.conf. Result is the same. Anyway in the freeradius sources i can't find any reference to Crypt-Password in the rlm_ldap module, and in main.c it seems to be a reference to a user-provided password, not to the backend db. I'm using 0.9.3 do i need a CVS version ? Thanks again .... Arnauld -- Arnauld Dravet - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html