Dear Alan DeKok thanks for your help i use it to get some to=ime to transfer all user information from other AAA server. i try to change Cleartext-Password to lower case by this code in authorize section But if password saved in database in upercase it can not be match to client lowercase password ...!!! i think i should change Cleartext-Password to lower case in other section update control { Cleartext-Password := "%{tolower:%{control:Cleartext-Password}}" } Best regards On Wed, Apr 24, 2013 at 7:17 PM, Alan DeKok <aland@deployingradius.com>wrote:
Mehdi Ravanbakhsh wrote:
how i could check case insensitive password for user..
You don't.
and it is better if i could limit this kind of password check for some nas-ip-adress.
Write "unlang" rules to do that.
which part of config file should be modified for this problem?
Write a policy:
if (User-Password) { update request { User-Password := "%{tolower:%{User-Password}}"
} }
This will force all passwords to lowercase. They will need to be in the database as lowercase.
Or, edit your database queries to do case-insensitive checks.
In general, this is a very bad idea. It's insecure.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html