(RADIATOR) authbyLDAP with Active Directory

Hugh Irvine hugh at open.com.au
Mon May 14 19:18:34 CDT 2001


Hello Larry -

I am guessing that you are using CHAP authentication, which will not work 
with encrypted passwords in the user database. If you use encrypted 
passwords, you must use PAP authentication.

To understand further I will need to see a copy of your configuration file 
(no secrets) together with a trace 4 debug from Radiator.

regards

Hugh


On Tuesday 15 May 2001 07:41, Larry Prikockis wrote:
> Hi...
> I've gotten Radiator to work well using authByADSI on a Win2k box (thanks
> to some hints from Hugh and others on this list :-) but we'd really like to
> run it on a linux box.  In theory, I should be able to use AuthByLDAP for
> this, right?
>
> I've set up AuthDN and AuthPassword so that Radiator can authenticate
> properly, and it seems that the parameters I'm using for BaseDN and
> UsernameAttr are correct, as it's finding the user record in the Active
> Directory.
>
> However-- I'm using the ServerChecksPassword option (seems to make the most
> sense) and apparently, something is going haywire at this point.
> Authentication fails with a "bad encrypted password" message.
>
> Any idea on what might be happening?  Is this perhaps a bug with the
> ServerChecksPassword code?  Is anyone else using AuthbyLDAP to authenticate
> against an active directory server?
>
> all hints appreciated...
> thanks!
>
>
> +
> Larry J. Prikockis
> Web Applications Specialist
> Association for Biodiversity Information
> 703-908-1833 / larry_prikockis at abi.org / www.abi.org
> +
> All parts should go together without forcing.  You must remember that the
> parts you are reassembling were disassembled by you.  Therefore, if you
> can't get them together again, there must be a reason.  By all means, do
> not use a hammer.
> 	 -- IBM maintenance manual, 1925
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list