Kyle Jake Plimack wrote: > I've configured radius to use ldap for authorization and authentication. > Authorization works fine, but will allow access to authorized users > without a correct password.
No. > Why? ldap stores passwords using SSHA encryption. That doesn't change anything. > Is there any way to: > a. provide radius with the key/salt so it can compare the passwords properly It will do that automatically. > b. have radius bind as the user to check that the password is correct? It will do that automatically. > c. option I haven't thought of yet? Post the debug output, as suggested in the FAQ, README, INSTALL, "man" page, web site, and nearly daily on this list? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html