Help migrating from 1.1.7 to 2.1.10 - clear text password being lost
Fajar A. Nugraha
list at fajar.net
Thu Mar 10 22:48:10 CET 2011
On Fri, Mar 11, 2011 at 1:48 AM, John Hayward <john.hayward at wheaton.edu> wrote:
> Hi Radius Fans,
> I am trying to move our current environment from 1.1.7 to 2.1.10 and are
> having a problem getting things to work.
>
> We have a Novell NDSLdap server which provides clear text passwords for
> Novell users.
> We are using peap-mschapv2.
>
> In looking at the logs and Eap-Messages we see:
> response 01 identity (username) -> server
> The server looks up the user in ndsldap and:
> Info: [ldap] Added the eDirectory password (password removed) in check
> items as Cleartext-Password
> Then the server sends a request 02 to use EAP-TLS
> There are a series of responses (mostly appear to be ack) and requests
> to get the tunnel setup
> which succeeds.
> Near the end the client sends a response (ID=8) which is a response to the
> mschap2 challenge.
> When the server is processing this response it reports:
> Info: [mschap] No Cleartext-Password configured. Cannot create
> LM-Password.
The usual response would be
http://wiki.freeradius.org/index.php/FAQ#It_still_doesn.27t_work.21
>From your limited info, I'd guess that the first place to look is make
sure that ldap section (for ndsldap) is listed in BOTH outer tunnel
(raddb/sites-enabled/default) and inner tunnel
(raddb/sites-enabled/inner-tunnel)
--
Fajar
More information about the Freeradius-Users
mailing list