pap authenticate issue

[liuyang]

Hi All,

 

I got a problem with my freeradius server 2-2.1.7-7

 

PAP knew we're using NT-Password, but it still using CRYPT encryption

Can anyone give me some help?

Really appreciate for the coming help

 

 

rad_recv: Access-Request packet from host 192.168.8.190 port 10598, id=184,
length=92

        User-Name = "liuyang"

        User-Password = "398765"

        NAS-IP-Address = 127.0.0.1

        NAS-Identifier = "sshd"

        NAS-Port = 9573

        NAS-Port-Type = Virtual

        Service-Type = Authenticate-Only

        Calling-Station-Id = "192.168.8.118"

+- entering group authorize {...}

++[preprocess] returns ok

++[chap] returns noop

++[mschap] returns noop

[suffix] No '@' in User-Name = "liuyang", looking up realm NULL

[suffix] No such realm "NULL"

++[suffix] returns noop

[eap] No EAP-Message, not doing EAP

++[eap] returns noop

++[unix] returns updated

rlm_ldap: Entering ldap_groupcmp()

[files]         expand: dc=smsgrp,dc=com -> dc=smsgrp,dc=com

[files]         expand: %{Stripped-User-Name} -> 

[files]         expand: %{User-Name} -> liuyang

[files]         expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) ->
(uid=liuyang)

rlm_ldap: ldap_get_conn: Checking Id: 0

rlm_ldap: ldap_get_conn: Got Id: 0

rlm_ldap: performing search in dc=smsgrp,dc=com, with filter (uid=liuyang)

rlm_ldap: ldap_release_conn: Release Id: 0

[files]         expand:
(|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass
=GroupOfUniqueNames)(uniquemember=%{control:Ldap-UserDn}))) ->
(|(&(objectClass=GroupOfNames)(member=cn\3dliu
yang\2cou\3dUsers\2cou\3dAccounts\2cdc\3dsmsgrp\2cdc\3dcom))(&(objectClass=G
roupOfUniqueNames)(uniquemember=cn\3dliu
yang\2cou\3dUsers\2cou\3dAccounts\2cdc\3dsmsgrp\2cdc\3dcom)))

rlm_ldap: ldap_get_conn: Checking Id: 0

rlm_ldap: ldap_get_conn: Got Id: 0

rlm_ldap: performing search in dc=smsgrp,dc=com, with filter
(&(cn=domain_users)(|(&(objectClass=GroupOfNames)(member=cn\3dliu
yang\2cou\3dUsers\2cou\3dAccounts\2cdc\3dsmsgrp\2cdc\3dcom))(&(objectClass=G
roupOfUniqueNames)(uniquemember=cn\3dliu
yang\2cou\3dUsers\2cou\3dAccounts\2cdc\3dsmsgrp\2cdc\3dcom))))

rlm_ldap::ldap_groupcmp: User found in group domain_users

rlm_ldap: ldap_release_conn: Release Id: 0

++[files] returns noop

[ldap] performing user authorization for liuyang

[ldap]  expand: %{Stripped-User-Name} -> 

[ldap]  expand: %{User-Name} -> liuyang

[ldap]  expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) ->
(uid=liuyang)

[ldap]  expand: dc=smsgrp,dc=com -> dc=smsgrp,dc=com

rlm_ldap: ldap_get_conn: Checking Id: 0

rlm_ldap: ldap_get_conn: Got Id: 0

rlm_ldap: performing search in dc=smsgrp,dc=com, with filter (uid=liuyang)

[ldap] looking for check items in directory...

rlm_ldap: pcnMicrosoftNTPassword -> NT-Password ==
0x3941383936454439353845383741424246443546313634414231464145434543

[ldap] looking for reply items in directory...

WARNING: No "known good" password was found in LDAP.  Are you sure that the
user is configured correctly?

[ldap] user liuyang authorized to use remote access

rlm_ldap: ldap_release_conn: Release Id: 0

++[ldap] returns ok

++[expiration] returns noop

++[logintime] returns noop

[pap] Normalizing NT-Password from hex encoding

++[pap] returns updated

Found Auth-Type = PAP

+- entering group PAP {...}

[pap] login attempt with password "398765"

[pap] Using CRYPT encryption.

[pap] Passwords don't match

++[pap] returns reject

 

 

 

Best Regards,

Liuyang

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110622/fb7b4ac4/attachment.html>