No "known good" password found for the user.

Matthew Newton mcn at freeradius.org
Wed Aug 26 13:16:11 CEST 2020


On 26/08/2020 09:56, ROB HUGHES via Freeradius-Users wrote:
> I can auth against a RADIATOR setup when trying to ssh into a server, 
> but when I try to change to auth against my freeRADIUS servers I get " 
> No "known good" password found for the user. "
> 
> TLSMC: MozNSS compatibility interception begins.
> tlsmc_convert: INFO: cannot open the NSS DB, expecting PEM configuration 
> is present.
> tlsmc_intercept_initialization: INFO: successfully intercepted TLS 
> initialization. Continuing with OpenSSL only.
> TLSMC: MozNSS compatibility interception ends.
> rlm_ldap (ldap): Bind successful
> (414) pap: WARNING: No "known good" password found for the user.  Not 
> setting Auth-Type
> (414) pap: WARNING: Authentication will fail unless a "known good" 
> password is available
> (414) # Executing group from file /etc/raddb/sites-enabled/default
> (414) ntlm_auth: Program executed successfully

Don't use LDAP libraries that are linked against NSS. NSS compatibility 
is not actually compatible and it won't work properly.

See packages.networkradius.com for the latest FreeRADIUS packages and 
there are instructions on installing the LTB LDAP libraries that are 
linked against OpenSSL.

-- 
Matthew


More information about the Freeradius-Users mailing list