*Lasts messages i make a lot of confusion and didnt sent to all group.* * * *now i've a problem, and this is making me crazy!* *i change the /module/LDAP and now i can authenticate using plaintext or when i use the passwordwith {crypt}* * * *but when i try to use {md5} this dont work!*
*rad_recv: Access-Request packet from host 127.0.0.1 port 34019, id=41, length=57 User-Name = "user3" User-Password = "123" NAS-IP-Address = 200.131.96.47 NAS-Port = 10 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} [ldap] performing user authorization for user3 [ldap] expand: (uid=%u) -> (uid=user3) [ldap] expand: dc=xxxxxxx,dc=edu,dc=br -> dc=xxxxxxx,dc=edu,dc=br [ldap] ldap_get_conn: Checking Id: 0 [ldap] ldap_get_conn: Got Id: 0 [ldap] performing search in dc=xxxxxxx,dc=edu,dc=br, with filter (uid=user3) [ldap] checking if remote access for user3 is allowed by uid [ldap] Added MD5-Password = ICy5YqxZB1uWSwcVLSNLcA== in check items [ldap] No default NMAS login sequence [ldap] looking for check items in directory... [ldap] userPassword -> Password-With-Header == "{MD5}ICy5YqxZB1uWSwcVLSNLcA==" [ldap] looking for reply items in directory... [ldap] user user3 authorized to use remote access [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the u ser Failed to authenticate the user. Login incorrect: [user3/123] (from client localhost port 10) Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} ++[ldap] returns noop Delaying reject of request 1 for 1 seconds Going to the next request * *if i change the encryptation to {crypt} this works** * *obviously i need to change the db on LDAP to crypt* *[ldap] userPassword -> Password-With-Header == "{CRYPT}WcViQmlg3nI4c" [ldap] looking for reply items in directory... [ldap] user user1 authorized to use remote access [ldap] ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop* *but all my database is using md5.* *i look my DB and see the MD5 isnt stored on base64 mode like the freeradius / PAP generate.* *when i export a lidff of a user i can see the password i see in base64.* *what i'm making wrong?* *if i use clear password works too.* sorry my poor english and if my doubt is too obvious, but i'm trying to solve that have 3 days and nothing. thanks.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html