Are you sure that your bind dn has read access userPassword? A default OpenLDAP
installation usually has a admin user.
Gosa ACLs are only applied when using the web interface, they are not used for
direct access via LDAP.
> Am 27.04.2016 um 03:43 schrieb siology.io :
>
> I'm having issues migr
Hi Jeremy,
> Am 22.04.2016 um 22:40 schrieb Jeremy Utley :
>
> Hello all!
>
> I'm quite close to reaching the ideal point with our new FreeIPA setup, but
> one thing that is standing in the way is 2FA. I know FreeIPA has support for
> Google Auth, FreeOTP, and Yubikey. We'd like to go with Y
Hi,
you are trying to do different things in both cases. radtest does plain text
authentication to ldap while your real world example connects as another user
and tries to compare the MSCHAPv2 hash.
For MSCHAPv2 to work you need:
-mschapv2 hashes in ldap (samba schema or activate AD trust featur
If you use the MSLSA credential cache MIT kerberos works.
kinit -c MSLSA: user@REALM
Not sure about the MIT ticket manager.
Am 11.11.2015 um 01:54 schrieb Loris Santamaria :
>
>
> El mar, 10-11-2015 a las 16:15 -0700, Randolph Morgan escribió:
>> Yes they are in the same DNS domain as the IP