[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: problem with LDAP backend
From: Alan DeKok <aland () deployingradius ! com>
Date: 2011-08-31 16:30:45
Message-ID: 4E5E61B5.2000601 () deployingradius ! com
[Download RAW message or body]
Frank Bonnet wrote:
> MAC addresses for some video devices in the "users" file
> as follows :
>
> 00-06-F4-0D-08-66 Auth-Type := Local, User-Password == "xxxxxxxx"
That's wrong. See the debug output for reasons why. See the FAQ for
correct examples.
> LDAP backend for "real" users at the end of the "users" file I have this
> statement
>
> DEFAULT Auth-Type = LDAP
> Fall-Through = 1
That's not needed.
> Wed Aug 31 16:52:39 2011 : Auth: rlm_ldap: Attribute "User-Password" is
> required for authentication. Cannot use "CHAP-Password".
That's pretty clear. The NAS is sending a CHAP request. You can't do
that with "Auth-Type LDAP"
Instead, list "ldap" in the "authorize" section.
Don't set Auth-Type. It's almost always wrong.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic