Are you sure that your bind dn has read access userPassword? A default OpenLDAP
installation usually has a admin user.
Gosa ACLs are only applied when using the web interface, they are not used for
direct access via LDAP.
> Am 27.04.2016 um 03:43 schrieb siology.io :
>
>
Hi,
you are trying to do different things in both cases. radtest does plain text
authentication to ldap while your real world example connects as another user
and tries to compare the MSCHAPv2 hash.
For MSCHAPv2 to work you need:
-mschapv2 hashes in ldap (samba schema or activate AD trust
If you use the MSLSA credential cache MIT kerberos works.
kinit -c MSLSA: user@REALM
Not sure about the MIT ticket manager.
Am 11.11.2015 um 01:54 schrieb Loris Santamaria :
>
>
> El mar, 10-11-2015 a las 16:15 -0700, Randolph Morgan escribió:
>> Yes they are in the same