#
# $Id$
+#
# Lightweight Directory Access Protocol (LDAP)
#
ldap {
# directory attributes.
# dictionary_mapping = ${confdir}/ldap.attrmap
+ # Set to "no" to disable the "no \"known good\" password" warning,
+ # if you're not using LDAP to retrieve password values.
+# expect_password = "yes"
+
+ #
# Profile related attributes.
#
profiles {
const char *xlat_name; /* name used to xlat */
const char *map_file;
+ int expect_password;
TLDAP_RADIUS *check_map;
TLDAP_RADIUS *reply_map;
char **attrs;
/* file with mapping between LDAP and RADIUS attributes */
{"dictionary_mapping", PW_TYPE_FILENAME,
offsetof(ldap_instance, map_file), NULL, NULL},
-
+
+ /* turn off the annoying warning if we don't expect a password */
+ {"expect_password", PW_TYPE_BOOLEAN,
+ offsetof(ldap_instance,expect_password), NULL, "yes"},
+
/*
* Terrible things which should be deleted.
*/
* More warning messages for people who can't be bothered
* to read the documentation.
*/
- if (debug_flag > 1) {
+ if (inst->expect_password && (debug_flag > 1)) {
if (!pairfind(request->config_items, PW_CLEARTEXT_PASSWORD, 0) &&
!pairfind(request->config_items, PW_NT_PASSWORD, 0) &&
!pairfind(request->config_items, PW_USER_PASSWORD, 0) &&