User-Password to Cleartext-Password Conversion.
Hello, In which file exactly do I need to add this? Qoute > If it really is impossible to do this, the following unlang inserted above the call to the pap module may be used to copy User-Password to the correct attribute: if (!control:Cleartext-Password && control:User-Password) { update control { Cleartext-Password := "%{control:User-Password}" } } However, this should only be seen as a temporary, not permanent, fix. It is better to fix your databases to use the correct configuration. <Unqoute I changed the attribute temporarily in my DB and it worked, I would prefer using the same attribute as no specific detrimental effects about the above have been mentioned. Secondly I keep getting. -- *Mustafa Mujahid | Systems* /Operations Engineer/
On Jan 18, 2017, at 10:38 AM, Mustafa Mujahid/SYS <mustafa.mujahid@nayatel.com> wrote:
In which file exactly do I need to add this?
raddb/sites-enabled/default in the "authorize" section.
Qoute >
If it really is impossible to do this, the following unlang inserted above the call to the pap module may be used to copy User-Password to the correct attribute:
if (!control:Cleartext-Password && control:User-Password) { update control { Cleartext-Password := "%{control:User-Password}" } }
However, this should only be seen as a temporary, not permanent, fix. It is better to fix your databases to use the correct configuration.
<Unqoute
I changed the attribute temporarily in my DB and it worked, I would prefer using the same attribute as no specific detrimental effects about the above have been mentioned.
You should update your database to use Cleartext-Password. It's better. Alan DeKok.
Our DB admin was not in the favor of doing this, but okay if you say so, I will discuss this with him. *Mustafa Mujahid | Systems* /Operations Engineer/ On 01/18/2017 09:03 PM, Alan DeKok wrote:
On Jan 18, 2017, at 10:38 AM, Mustafa Mujahid/SYS <mustafa.mujahid@nayatel.com> wrote:
In which file exactly do I need to add this? raddb/sites-enabled/default in the "authorize" section.
Qoute >
If it really is impossible to do this, the following unlang inserted above the call to the pap module may be used to copy User-Password to the correct attribute:
if (!control:Cleartext-Password && control:User-Password) { update control { Cleartext-Password := "%{control:User-Password}" } }
However, this should only be seen as a temporary, not permanent, fix. It is better to fix your databases to use the correct configuration.
<Unqoute
I changed the attribute temporarily in my DB and it worked, I would prefer using the same attribute as no specific detrimental effects about the above have been mentioned. You should update your database to use Cleartext-Password. It's better.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 18-01-17 17:24, Alan DeKok wrote:
On Jan 18, 2017, at 11:15 AM, Mustafa Mujahid/SYS <mustafa.mujahid@nayatel.com> wrote:
Our DB admin was not in the favor of doing this, but okay if you say so, I will discuss this with him.
Your DB admin should have ZERO opinion on the FreeRADIUS configuration.
It almost sounds as if the database with FreeRADIUS configuration is used for other applications as well. That seems like a good way to introduce some really nasty dependencies. -- Herwin Weststrate
There is another Radius 2.x (test) also authenticating from the same Test DB, and it works fine with "Password". I've not tested it with "Cleartext-Password", but I hope Radius 2.x will be able to read the Cleartext-Password attribute. Basically we wanted as little change as possible at DB end. *Mustafa Mujahid | Systems* /Operations Engineer/ On 01/18/2017 09:40 PM, Herwin Weststrate wrote:
On 18-01-17 17:24, Alan DeKok wrote:
On Jan 18, 2017, at 11:15 AM, Mustafa Mujahid/SYS <mustafa.mujahid@nayatel.com> wrote:
Our DB admin was not in the favor of doing this, but okay if you say so, I will discuss this with him. Your DB admin should have ZERO opinion on the FreeRADIUS configuration. It almost sounds as if the database with FreeRADIUS configuration is used for other applications as well. That seems like a good way to introduce some really nasty dependencies.
On Jan 18, 2017, at 11:49 AM, Mustafa Mujahid/SYS <mustafa.mujahid@nayatel.com> wrote:
There is another Radius 2.x (test) also authenticating from the same Test DB, and it works fine with "Password". I've not tested it with "Cleartext-Password", but I hope Radius 2.x will be able to read the Cleartext-Password attribute. Basically we wanted as little change as possible at DB end.
We have recommended using Cleartext-Password since version 1.1.4. It's fine. Alan DeKok.
Hi, whats the exact problem with your database and FR implementation? a DB is just a DB, a source of info..so if the info is correct, it'll work. if the DB admin is being inflexible then you'll just have to change the FR config to read the right columns alan
What do you mean by FR? *Mustafa Mujahid | Systems* On 01/18/2017 11:19 PM, A.L.M.Buxey@lboro.ac.uk wrote:
Hi,
whats the exact problem with your database and FR implementation? a DB is just a DB, a source of info..so if the info is correct, it'll work. if the DB admin is being inflexible then you'll just have to change the FR config to read the right columns
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
That was my original question. I found out that to translate Password to Cleartext-Password we need to make the following entry if (!control:Cleartext-Password && control:User-Password) { update control { Cleartext-Password := "%{control:User-Password}" } } but I don't know where exactly. *Mustafa Mujahid | Systems* /Operations Engineer/ Nayatel 73-E, GD Arcade, Fazal-ul-Haq Road, Blue Area, Islamabad – 44000 UAN: 051-111-114-444 Ext.617 URL: www.nayatel.com, www.dsl.net.pk, On 01/19/2017 12:07 PM, Herwin Weststrate wrote:
On 19-01-17 07:08, Mustafa Mujahid/SYS wrote:
What do you mean by FR? FreeRadius
participants (4)
-
A.L.M.Buxey@lboro.ac.uk -
Alan DeKok -
Herwin Weststrate -
Mustafa Mujahid/SYS