Lionne Stangier wrote: > Freeradius can't read the LDAP user passwords. Our LDAP passwords encoded in > sha.
.. it is impossible to use PEAP with SHA passwords. http://deployingradius.com/documents/protocols/compatibility.html > I access with a Windows XP Client. Without LDAP it's work without problem. > > 2nd question. Can I access with Windows XP without using certificates? I don't know what that means. ... > [ldap] performing user authorization for lionne.stangier [ldap] WARNING: > Deprecated conditional expansion ":-". See "man unlang" for details > [ldap] ... expanding second conditional > [ldap] expand: %{User-Name} -> lionne.stangier > [ldap] expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> > (uid=lionne.stangier) > [ldap] expand: dc=allesklar,dc=com -> dc=allesklar,dc=com > [ldap] ldap_get_conn: Checking Id: 0 > [ldap] ldap_get_conn: Got Id: 0 > [ldap] performing search in dc=allesklar,dc=com, with filter > (uid=lionne.stangier) [ldap] looking for check items in directory... > [ldap] looking for reply items in directory... > WARNING: No "known good" password was found in LDAP. Are you sure that the > user is configured correctly? The LDAP search isn't returning a userPassword. So... what is in LDAP? What is returned when you do a search from the command line? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html