Authorisation with AD + Yubikey not working

Hello all,

i have a new installation of Privacyidea 3.08 with freeradius and authorisation from radius client is not working.

The Error from the log is as following:

[2023-05-12 16:02:21,469][5453][139645340710784][INFO][privacyidea.lib.user:262] user ‘xxxxxxx’ found in resolver ‘xxxxxxxdc001’
[2023-05-12 16:02:21,469][5453][139645340710784][INFO][privacyidea.lib.user:264] userid resolved to ‘51b5b72c-2b1d-464c-8406-c854bb3a633b’
[2023-05-12 16:02:21,565][5453][139645340710784][INFO][privacyidea.lib.user:432] User ‘xxxxxxx’ from realm ‘xxxxxx’ tries to authenticate
[2023-05-12 16:02:21,679][5453][139645340710784][WARNING][privacyidea.lib.resolvers.LDAPIdResolver:395] failed to check password for ‘51b5b72c-2b1d-464c-8406-c854bb3a633b’/‘CN=xxxxxxxxxx, OU=xxxxxxxxxxxxx, OU=Benutzer,OU=xxxxxxxxxx,DC=XX,DC=local’: LDAPPasswordIsMandatoryError(‘password is mandatory in simple bind’)
[2023-05-12 16:02:21,680][5453][139645340710784][INFO][privacyidea.lib.user:444] user User(login=‘xxxxx’, realm=‘xxxx’, resolver=‘xxxxxxxdc001’) failed to authenticate.

There is a rule → authentication → optpin: userstore with the used realm.

When i use the “Test Token” Function in the Token with the user part it is working fine.

Any ideas for me?

Thanks and BR, Ilja

You are expecting the LDAP Password via RADIUS.
But looks like you are sending nothing:

Fucking guess: your radius client configuration does not match your privacyIDEA configuration.