Please HELP!!! Any ideas??? MySQL and users file... Difference???
Hi, Gerry. Thanks for an answer...
I'll bet if you only have a single encrypted entry that will work.
This is just a guess on my part but give it a shot.
Gerry
Of course it works if I only have a single encrypted problem. This is exactly where my problem is. I do run a bunch of services onsite, some using the PAP passwords (CRYPT form) and some using the MS-CHAPv2 (partly internal and partly accessing the ADS via NTLM). I want the single logon for all services. If say PPPoe is PAP and IPSEC is MS-CHAPv2 I need two entries one with the CRYP-ted password for PAP and one plain or NT-hash for MS-CHAPv2. Everything works when using "users" file. PAP doesn't work when using the mysql backend and there is plain-text record in a database as well. It looks like freeradius does indeed only process first record (by the way I've tried playing with the SQL query for authentication in pursuit of making it to return the crypted password first, but alas it doesn't help). Do you by any chance know WHY it only processes one record and how to make it process two instead? Thanks Alex.
"Alex Savguira" <savguira@gmail.com> wrote:
Of course it works if I only have a single encrypted problem. This is exactly where my problem is. I do run a bunch of services onsite, some using the PAP passwords (CRYPT form) and some using the MS-CHAPv2 (partly internal and partly accessing the ADS via NTLM). I want the single logon for all services.
The use clear-text passwords. Also storing crypt'd passwords is a waste of time and gains nothing except additional headaches.
If say PPPoe is PAP and IPSEC is MS-CHAPv2 I need two entries one with the CRYP-ted password for PAP and one plain or NT-hash for MS-CHAPv2.
No. Absolutely not. The PAP authentication can use the clear-text password, too.
Everything works when using "users" file. PAP doesn't work when using the mysql backend
Use ':=', not '=='.
Do you by any chance know WHY it only processes one record and how to make it process two instead?
Did you read previous responses to your questions? Alan DeKok.
participants (2)
-
Alan DeKok -
Alex Savguira