<font face="tahoma,sans-serif">Hello,<br><br>I'm new to Radius. So basically i tried to setup 2 Radius server, one runs on our SLES 10 PROD (Radius and Novell LDAP sit on the same server) - this is works fine using eap_mschapv2 authentication. Radius version is 1.X. We use Radius to authenticate our wireless and get LDAP authentication. So no issue with this.<br>
<br>Second server - SLES 11 ; i get the installer directly from Novell and its use version 2.1.1. So it seems the config way is different but i did try match with the Radius 1.X config (just a dffierent module i guess). Everything works fine, except 1 things.<br>
<br>In Radius 1.x - SLES 10 when i run radiusd -X ; i don't see the user password (which is good). but in Radius 2.1.1 i can see it clearly ... how can i eliminate this cleartext password being showed there? I'm new to this authentication method or eap_mschap protocol, so please bear with me :)<br>
<br><i>[peap] Got tunnled request<br> EAP-Message = 0x020a00061a03<br>server (null) {<br> PEAP: Setting User-Name to sdholakia2<br>Sending tunneled request<br> EAP-Message = 0x020a00061a03<br> FreeRADIUS-Proxied-To = 127.0.0.1<br>
User-Name = "sdholakia2"<br> State = 0xf32f92c4f22588e5c2ccbfc052ff2f65<br>server inner-tunnel {<br>+- entering group authorize {...}<br>++[chap] returns noop<br>++[control] returns noop<br>++[mschap] returns noop<br>
++[unix] returns notfound<br>++[control] returns notfound<br>[eap] EAP packet type response id 10 length 6<br>[eap] No EAP Start, assuming it's an on-going EAP conversation<br>++[eap] returns updated<br>++[files] returns noop<br>
[ldap] performing user authorization for sdholakia2<br>[ldap] expand: (uid=%u) -> (uid=sdholakia2)<br>[ldap] expand: ou=Active,ou=Users,o=FSID -> ou=Active,ou=Users,o=FSID<br>rlm_ldap: ldap_get_conn: Checking Id: 0<br>
rlm_ldap: ldap_get_conn: Got Id: 0<br>rlm_ldap: performing search in ou=Active,ou=Users,o=FSID, with filter (uid=sdhoakia2)<br>[ldap] Added the eDirectory password Test in check items as Cleartext-Passwrd<br>[ldap] looking for check items in directory...</i><br clear="all">
</font><br><br>While at radiusd -X of the radius 1.X i can only see<br><font face="tahoma,sans-serif"><i>Added the eDirectory password </i></font><br><font face="tahoma,sans-serif"><i>[ldap] looking for check items in directory...<br>
<br><br></i></font><div><font face="tahoma, sans-serif">Best Regards,</font></div>
<div><font face="tahoma, sans-serif">Danny</font></div>