kevin J wrote:
Our ldap has USER-CTPASSWORD for clear-text. I properly modified ldap.attrmap and dictionary. I put password_header = "{clear}" in ldap of module (radiusd.conf) but I got
rlm_ldap: Attribute: "User-Password" is required for authentication. Cannot use "CHAP-Password"
Anybody know how to do CHAP with a password which is extracted from ldap?
Kevin
I found the line 1441 of rlm_ldap.c returns RLM_MODULE_INVALID if the password is not pap:
if(request->password->attribute != PW_PASSWORD) {
radlog(L_AUTH, "rlm_ldap: Attribute \"User-Password\" is required for \
authentication. Cannot use \"%s\".", request->password->name);
return RLM_MODULE_INVALID;
}
Should I change the line if I want to make ldap working with CHAP?
Another question is if I want to use a persistant connection to ldap then what should I do?
It looks that radius binds ldap per authentication.
Thanks, Kevin
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
