problems authenticating

Vladimir Vuksan vlists at veus.hr
Mon Jul 11 23:40:32 CEST 2005


jck-freeradius at southwestern.edu wrote:

>I am trying to do EAP-PEAP, using FreeRadius 1.0.4.  Here are the debug logs,
>at the breaking points:
>  
>

It doesn't appear you are sending the whole log. There should be another 
section where the user is being authorized against the SQL database. It 
appears your password is "incorrect". Read at the end of the message

>rlm_sql (sql): Released sql socket id: 4
>
>My thoughts are that SQL and MSCHAP should be in the authorization section,
>and MSCHAP and EAP should be in authentication.  I have tried this, and
>it does not work for me.  I really have no idea of what I am doing, although
>I have read the documentation.
>
>I am storing NTLM passwords in my SQL server.
>
>mysql> select * from radcheck where UserName = "johnk";
>+------+----------+---------------+----+-------------------------------------------------------------------+
>| id   | UserName | Attribute     | op | Value                                                             |
>+------+----------+---------------+----+-------------------------------------------------------------------+
>| 1490 | johnk    | User-Password | == | 0393A990E3426721695109AB020K4E1C:FBFR81520C5BDDENOTREALPASSWORD33 |
>+------+----------+---------------+----+-------------------------------------------------------------------+
>  
>

I believe this is incorrect. You may want to split off the two password 
hashes and put them in separate variables ie. LM-Password and 
NT-Password. User-Password usually refers to either a crypted or 
cleartext password.
 



More information about the Freeradius-Users mailing list