[mschap] No Cleartext-Password configured. Cannot createLM-Password.

Grzegorz Cimochowski admin at prawda.net.pl
Thu Jan 31 18:20:26 CET 2013 

Waking up in 3.4 seconds.
rad_recv: Access-Request packet from host 192.168.30.15 port 46844, id=161, 
length=192
 Service-Type = Framed-User
 Framed-Protocol = PPP
 NAS-Port = 138584
 NAS-Port-Type = Ethernet
 User-Name = "chmielewska_d"
 Calling-Station-Id = "54:E6:FC:E7:EA:E7"
 Called-Station-Id = "witosa3"
 NAS-Port-Id = "ether1"
 MS-CHAP-Challenge = 0x28c98da9117ed73968677b477bfe0adf
 MS-CHAP2-Response = 
0x01000de14d8d5551d54ac1898b1baffc011300000000000000003372483474e6d9ef5302fdc1e3bb081e0f47a844c8258da7
 NAS-Identifier = "witosa3"
 NAS-IP-Address = 192.168.30.15
# Executing section authorize from file 
/usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
[suffix] No '@' in User-Name = "chmielewska_d", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[sql]  expand: %{User-Name} -> chmielewska_d
[sql] sql_set_user escaped user --> 'chmielewska_d'
rlm_sql (sql): Reserving sql socket id: 4
[sql]  expand: SELECT id, username, attribute, value, op           FROM 
radcheck           WHERE username = '%{SQL-User-Name}' AND status = '1' 
ORDER BY id -> SELECT id, username, attribute, value, op           FROM 
radcheck           WHERE username = 'chmielewska_d' AND status = '1' 
ORDER BY id
[sql]  expand: SELECT groupname           FROM radusergroup           WHERE 
username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT 
groupname           FROM radusergroup           WHERE username = 
'chmielewska_d'           ORDER BY priority
[sql]  expand: SELECT id, groupname, attribute,           Value, op 
FROM radgroupcheck           WHERE groupname = '%{Sql-Group}' 
ORDER BY id -> SELECT id, groupname, attribute,           Value, op 
FROM radgroupcheck           WHERE groupname = 'DaNET 1280'           ORDER 
BY id
[sql] User found in group DaNET 1280
[sql]  expand: SELECT id, groupname, attribute,           value, op 
FROM radgroupreply           WHERE groupname = '%{Sql-Group}' 
ORDER BY id -> SELECT id, groupname, attribute,           value, op 
FROM radgroupreply           WHERE groupname = 'DaNET 1280'           ORDER 
BY id
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
[pap] WARNING! No "known good" password found for the user.  Authentication 
may fail because of this.
++[pap] returns noop
Found Auth-Type = MSCHAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
[mschap] Creating challenge hash with username: chmielewska_d
[mschap] Client is using MS-CHAPv2 for chmielewska_d, we need NT-Password
[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type REJECT
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[sql]  expand: %{User-Name} -> chmielewska_d
[sql] sql_set_user escaped user --> 'chmielewska_d'
[sql]  expand: %{User-Password} ->
[sql]  ... expanding second conditional
[sql]  expand: %{Chap-Password} ->
[sql]  expand: INSERT INTO radpostauth                           (username, 
pass, reply, authdate)                           VALUES 
(                           '%{User-Name}', 
'%{%{User-Password}:-%{Chap-Password}}', 
'%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth 
(username, pass, reply, authdate)                           VALUES 
(                           'chmielewska_d',                           '', 
'Access-Reject', '2013-01-31 14:34:55')
rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth 
(username, pass, reply, authdate)                           VALUES 
(                           'chmielewska_d',                           '', 
'Access-Reject', '2013-01-31 14:34:55')
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released


this log interesed me
chmielewska_d is in database add
why:
+- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
[mschap] Creating challenge hash with username: chmielewska_d
[mschap] Client is using MS-CHAPv2 for chmielewska_d, we need NT-Password
[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
?

More information about the Freeradius-Devel mailing list