Hello, I´ve now spent so much time on troubleshooting, testing and searching for hints in the internet, I hope someone here from this mailing-list can support me. We are using freeradius to authenticate CLI-Access to Network-Devices, VPN-Access and WLAN-Access. As User-Database we are using Novell eDirectory via LDAP. I want to migrate from freeradius2 to freeradius3 on a new server. I´ve allready succeeded with migrating Network-CLI- and VPN-Access, however WLAN-Access is not working. These are the significant messages from the DEBUG saying "*mschap: No Cleartext-Password configured*". ... Executing group from file /etc/raddb/sites-enabled/inner-tunnel Fri Feb 1 10:18:31 2019 : Debug: (8) eap_mschapv2: authenticate { Fri Feb 1 10:18:31 2019 : Debug: (8) eap_mschapv2: modsingle[authenticate]: calling mschap (rlm_mschap) *Fri Feb 1 10:18:31 2019 : WARNING: (8) mschap: No Cleartext-Password configured. Cannot create NT-Password Fri Feb 1 10:18:31 2019 : WARNING: (8) mschap: No Cleartext-Password configured. Cannot create LM-Password* Fri Feb 1 10:18:31 2019 : Debug: (8) mschap: Creating challenge hash with username: koehne Fri Feb 1 10:18:31 2019 : Debug: (8) mschap: Client is using MS-CHAPv2 Fri Feb 1 10:18:31 2019 : ERROR: (8) mschap: FAILED: No NT/LM-Password. Cannot perform authentication ... Enclosed is a full debug. I´ve compared "old" and "new" configuration of the relevant modules several times and adapted the necessary changes in the configuration from freeradius2 to freeradius3. Here are the configs of the virtual-server and the ldap module: server mdwwlan { listen { .... } } authorize { filter_username preprocess auth_log detail suffix files -ldap eap { ok = return } Autz-Type LDAP { mdwacc_wlan mschap update { &MS-CHAP-User-Name := "%{mschap:User-Name}" } } } authenticate { Auth-Type MSCHAP { mschap } eap } } ldap mdwacc_wlan { server = "ldap.mdw.ac.at" port = 636 identity = "cn=ldap_radius,o=MDWds" password = frtz56uit33 basedn = "o=MDWds" access_attr = "mdwaccAllowwlan" filter = "(cn=%{%{Stripped-User-Name}:-%{User-Name}})" update { control:NT-Password := 'mdwaccPwwlan' } edir_autz = yes user { basedn = "o=MDWds" filter = "(cn=%{%{Stripped-User-Name}:-%{User-Name}})" scope = 'sub' access_attr = 'mdwaccAllowwlan' } group { basedn = "o=MDWds" filter = "(cn=%{%{Stripped-User-Name}:-%{User-Name}})" scope = 'sub' membership_attribute = 'radiusGroupName' } options { timeout = 4 srv_timelimit = 3 net_timeout = 1 } tls { start_tls = no } pool { start = ${thread[pool].start_servers} min = ${thread[pool].min_spare_servers} max = ${thread[pool].max_servers} uses = 0 lifetime = 0 } } And the "users" File: DEFAULT Huntgroup-Name == WISM, Autz-Type := LDAP Fall-Through = yes Do you have any hints for me, what could be missing or wrong in my configuration of version 3? Thank You!! Best Regards Ronald