kevin J <[EMAIL PROTECTED]> wrote: > I found the line 1441 of rlm_ldap.c returns RLM_MODULE_INVALID if the > password is not pap: ...
What you're missing is that's the *authentication* function. The LDAP database doesn't know how to do CHAP, it only knows how to do PAP. So the rlm_ldap module can send ONLY a PAP password to an LDAP database. > Should I change the line if I want to make ldap working with CHAP? No. Do not set "Auth-Type := LDAP". Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html