On 03/25/2010 12:31 PM, Jeffrey Wang wrote:
I am using freeradius server against my ldap server for regular user
access and eap. I need the wireless user treated differently. So I
created a entry in users file and would like to set user-password for
these users in encrypted form. For the users that are not in ldap, they
worked fine. However, the users are in the ldap, had been updated with
cleartext-password and radius ignores my user-password and uses
cleartext-password from ldap.
Can I delete the configuration items (cleartext-password) I set in
previous process, such as ldap or password file?
We have no clue what you did in a previous process nor what version of
FreeRADIUS you're using.
You could do one of several things:
Move the users file processing above the ldap in the authorize section
your config file so the user in found in the users file first.
Put those special users in an ldap group and do not return authorize
information if they are members of that group.
Remove the password attribute for those users from your ldap directory,
rlm_ldap can't return what it can't find.
--
John Dennis <jden...@redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
