On Mon, Jul 11, 2005 at 03:40:32PM -0600, Vladimir Vuksan wrote:
I believe this is incorrect. You may want to split off the two password hashes and put them in separate variables ie. LM-Password and NT-Password. User-Password usually refers to either a crypted or cleartext password.
I think you are correct! I have tried splitting the password into two seperate parts: mysql> select * from radcheck where UserName ="testacct"; +------+----------+-------------+----+----------------------------------+ | id | UserName | Attribute | op | Value | +------+----------+-------------+----+----------------------------------+ | 697 | testacct | NT-Password | == | 8503P0UI042LADKP3M13B449051404EE | | 2513 | testacct | LM-Password | == | BEO04PD4LA909194D58181AFS44KE005 | +------+----------+-------------+----+----------------------------------+ 2 rows in set (0.00 sec) I receive logs similar to what is received when logging in with a "bad password", as before. I have even swapped two values with each other (NT for LM). MS-CHAP failed. --johnk