Re: PB with Accent in nspmPassword in request LDAP between FREE-RADIUS 1.0.5 (suse) and edirectory novell 6.5

[freeradius]

Hello,
I apologize for the delay in this  reply.
My 802.1x client send a demand of authentification on the network.
By means of ENTERASYS switch, the demand of authentification arrive at the radius server with login / password.
The demand of authentification (login /password with accents) arrives correctly at the RADIUS server.

To authenticate the user, the freeradius server send a LDAP request to the novell server (just with the user login) to ask it the nspmPassword.

The NOVELL servers reply with ldap response containing the nspmPassword attribut.

Then the freeradius server compare this login / nspmPassword with the login / password received first, it find differences and does not authenticate the user.  
I don’t know if the nspmPassword sent back by the Novell server is bad or good because the ldap response is crypted (port 636).
The uncrypted mode is refused by the novell server.

The debug mode of freeradius (radius-x -A) do not show the nspmPassword received by Freeradius.

I used a free tool : LDAPbrowser. This tool send a ldap request containing a novell login / password and gets back a list of attributes. I made a success with a login and a password containing characters with accents.

So the problem seems to be on the reception of the ldap request by the FREERADIUS server.

To identify better the problem, have  you some tests or debug command to help me?

thank you in advance. Best regards Stephan

"Alan DeKok" <[EMAIL PROTECTED]> Envoyé par : [EMAIL PROTECTED] 28/04/2006 17:09 Veuillez répondre à FreeRadius users mailing list <freeradius-users@lists.freeradius.org>

A FreeRadius users mailing list <freeradius-users@lists.freeradius.org> cc Objet Re: PB with Accent in nspmPassword in request LDAP between        FREE-RADIUS 1.0.5 (suse) and edirectory novell 6.5

[EMAIL PROTECTED] wrote:
> On the other hand, if the user uses a password using characters with
> accents, this solution does not work.
>
>  I identified the problem in the LDAP request  (ask nspmPassword) between
> FREE-RADIUS 1.0.5 and the edirectory of novell 6.5.

 Can you show qhat the LDAP browser does, and what FreeRADIUS does?
If we don't know what's going wrong, it's difficult to know what to
fix.

 So far as I know, FreeRADIUS handles UTF-8 fine, so characters with
accents should not be a problem.

 Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html