What about persistant connection in my question below? Is it that radius binds ldap per authentication?
Kevin,
Alexandre Durand wrote:
It posible that i ve the same probleme because i can't working PEAP MS-CHAP with LDAP base. Error with NTPassword or LmPAssword. But password in LDAP stored by "clear"
In this day, i didn't found the solution !!
----- Original Message ----- From: "kevin J" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 19, 2004 4:08 AM
Subject: Re: CHAP not working with ldap
http://www.freeradius.org/list/users.htmlAlan DeKok wrote:
kevin J <[EMAIL PROTECTED]> wrote:
I found the line 1441 of rlm_ldap.c returns RLM_MODULE_INVALID if the password is not pap:
...
What you're missing is that's the *authentication* function. The LDAP database doesn't know how to do CHAP, it only knows how to do PAP. So the rlm_ldap module can send ONLY a PAP password to an LDAP database.
Thanks Alan. CHAP is working with ldap now. I have two more questions though.
1) I found that PAP is not working with ldap. RADIUS just tried ldap authentication. I don't know why. Is there anything that I have to do for PAP? 2) It looks that ldap connection is not persistant which mean re-bind ldap per authentication. Is this true or am I missing something?
Thanks, Kevin
-
List info/subscribe/unsubscribe? See
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html