[RADIATOR] trouble with LDAPv2 and simple bind
Matt Richard
matt.richard at fandm.edu
Wed Jul 2 14:14:12 CDT 2008
Hello,
I am working on upgrading Radiator from 3.17.1 to 4.2 on my Mac OSX
10.4.11 systems.
In one authentication scenario, a Cisco VPN3000 authenticates against
Radiator. Radiator in turn uses LDAPv2 with ServerChecksPassword to
authenticate user passwords.
Server #1 is still running 3.17.1. It is working just fine.
Server #2 is running 4.2 with patches up to 2008-06-27. Radiator on
this server cannot perform simple binds to authenticate users. The
password seems to be munged before it gets sent from Radiator to the
LDAP server.
When I do a packet capture on Server #1, looking at the ldap bind, I can
see the password in cleartext.
However when I do the same capture on Server #2 the password is longer
and it does not match the cleartext of the user password.
Both servers are Mac OSX 10.4.11 and are using the same perl modules
including perl-ldap-0.36. They are also using the same configuration files.
Do you have any thoughts or suggestions?
Thanks!
-Matt
--
Matt Richard '08
Access and Security Coordinator
Computing Services
Franklin & Marshall College
matt.richard at fandm.edu
(717) 291-4157
More information about the radiator
mailing list