I have configured the /etc/raddb/modules/ldap and added an identity (although I don't if it works), but still it can't find a password for the user.
Here is the debug: rad_recv: Access-Request packet from host 127.0.0.1 port 37784, id=118, length=63 User-Name = "kim.almarez" User-Password = "k1m.alma" NAS-IP-Address = 127.0.0.1 NAS-Port = 0 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "kim.almarez", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop [ldap] performing user authorization for kim.almarez [ldap] expand: %{Stripped-User-Name} -> [ldap] expand: %{User-Name} -> kim.almarez [ldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=kim.almarez) [ldap] expand: O=SMPRIME -> O=SMPRIME rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection rlm_ldap: (re)connect to notes2.ho.sm.ph:389, authentication 0 rlm_ldap: bind as CN=Administrator,O=SMPRIME/ to notes2.ho.sm.ph:389 rlm_ldap: waiting for bind result ... rlm_ldap: Bind was successful rlm_ldap: performing search in O=SMPRIME, with filter (uid=kim.almarez) [ldap] looking for check items in directory... [ldap] looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? [ldap] user kim.almarez authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> kim.almarez attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 118 to 127.0.0.1 port 37784 Waking up in 4.9 seconds. Cleaning up request 0 ID 118 with timestamp +2 Ready to process requests. I guess rlm_ldap can't find a password attribute on the ldap of Lotus Notes. -- View this message in context: http://old.nabble.com/Freeradius2-%2B-LDAP-of-Lotus-Notes-tp29426192p29426699.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html