This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

how to designate the password field used by LDAP AAA/RADIUS

how to designate the password field used by LDAP AAA/RADIUS

Tom10
New Contributor

‎12-17-2018 01:51 PM

Is there any way to define which attribute the RADIUS server checks in an external LDAP server? It seems to be hitting the first one that it hits (NT passwd) rather than the userPassword attribute which has caused some odd problems.

0 Kudos
13 REPLIES 13

Tom10
New Contributor

‎12-17-2018 03:40 PM

OpenLDAP
0 Kudos

samantha_lynn
Esteemed Contributor III

‎12-17-2018 03:29 PM

Thank you for that output. Could you tell me what application you are using to manage your user directory?

0 Kudos

Tom10
New Contributor

‎12-17-2018 03:16 PM

Hi,
ah00#exec aaa ldap-search username tom
ah00#
Exec-Program output:
Search user 'tom' under baseDN ou=users,dc=pcc,dc=com successful.
filter: (uid=tom)
dn: uid=tom,ou=users,dc=pcc,dc=com
uid: tom
mail: tom@pcc.com
password exists
password exists
I take it we shouldn’t see password exists twice?
Sent from Mail for Windows 10
0 Kudos

samantha_lynn
Esteemed Contributor III

‎12-17-2018 02:33 PM

That depends a bit on what we're getting back from the LDAP server. Would you be able to provide the output from this command:

 

exec aaa ldap-search

 

Also, if you can send tech data from the AP you run that command on, that would be helpful. If you'd rather send that to me directly, my email is communityhelp@aerohive.com.

 

To get tech data in HiveManager (formerly NG, cloud.aerohive.com):

Tools> Utilities> Get tech data> Check the box next to the device> Get tech data (blue button at the top of the page this time).

 

This guide reviews how to get tech data from the CLI of the AP in case that is more convenient:

https://thehivecommunity.aerohive.com/s/article/Collecting-Tech-Data-via-CLI

 

0 Kudos
GTM-P2G8KFN