Fw: [mschap] No Cleartext-Password configured. Cannot createLM-Password.

Grzegorz Cimochowski admin at prawda.net.pl
Thu Jan 31 19:47:12 CET 2013 


> Waking up in 3.4 seconds.
> rad_recv: Access-Request packet from host 192.168.30.15 port 46844, 
> id=161, length=192
> Service-Type = Framed-User
> Framed-Protocol = PPP
> NAS-Port = 138584
> NAS-Port-Type = Ethernet
> User-Name = "chmielewska_d"
> Calling-Station-Id = "54:E6:FC:E7:EA:E7"
> Called-Station-Id = "witosa3"
> NAS-Port-Id = "ether1"
> MS-CHAP-Challenge = 0x28c98da9117ed73968677b477bfe0adf
> MS-CHAP2-Response = 
> 0x01000de14d8d5551d54ac1898b1baffc011300000000000000003372483474e6d9ef5302fdc1e3bb081e0f47a844c8258da7
> NAS-Identifier = "witosa3"
> NAS-IP-Address = 192.168.30.15
> # Executing section authorize from file 
> /usr/local/etc/raddb/sites-enabled/default
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> [mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
> ++[mschap] returns ok
> [suffix] No '@' in User-Name = "chmielewska_d", looking up realm NULL
> [suffix] No such realm "NULL"
> ++[suffix] returns noop
> [eap] No EAP-Message, not doing EAP
> ++[eap] returns noop
> [sql]  expand: %{User-Name} -> chmielewska_d
> [sql] sql_set_user escaped user --> 'chmielewska_d'
> rlm_sql (sql): Reserving sql socket id: 4
> [sql]  expand: SELECT id, username, attribute, value, op           FROM 
> radcheck           WHERE username = '%{SQL-User-Name}' AND status = '1' 
> ORDER BY id -> SELECT id, username, attribute, value, op           FROM 
> radcheck           WHERE username = 'chmielewska_d' AND status = '1' ORDER 
> BY id
> [sql]  expand: SELECT groupname           FROM radusergroup 
> WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT 
> groupname           FROM radusergroup           WHERE username = 
> 'chmielewska_d'           ORDER BY priority
> [sql]  expand: SELECT id, groupname, attribute,           Value, op FROM 
> radgroupcheck           WHERE groupname = '%{Sql-Group}' ORDER BY id -> 
> SELECT id, groupname, attribute,           Value, op FROM radgroupcheck 
> WHERE groupname = 'DaNET 1280'           ORDER BY id
> [sql] User found in group DaNET 1280
> [sql]  expand: SELECT id, groupname, attribute,           value, op FROM 
> radgroupreply           WHERE groupname = '%{Sql-Group}' ORDER BY id -> 
> SELECT id, groupname, attribute,           value, op FROM radgroupreply 
> WHERE groupname = 'DaNET 1280'           ORDER BY id
> rlm_sql (sql): Released sql socket id: 4
> ++[sql] returns ok
> [pap] WARNING! No "known good" password found for the user. 
> Authentication may fail because of this.
> ++[pap] returns noop
> Found Auth-Type = MSCHAP
> # Executing group from file /usr/local/etc/raddb/sites-enabled/default
> +- entering group MS-CHAP {...}
> [mschap] No Cleartext-Password configured.  Cannot create LM-Password.
> [mschap] No Cleartext-Password configured.  Cannot create NT-Password.
> [mschap] Creating challenge hash with username: chmielewska_d
> [mschap] Client is using MS-CHAPv2 for chmielewska_d, we need NT-Password
> [mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
> [mschap] FAILED: MS-CHAP2-Response is incorrect
> ++[mschap] returns reject
> Failed to authenticate the user.
> Using Post-Auth-Type REJECT
> # Executing group from file /usr/local/etc/raddb/sites-enabled/default
> +- entering group REJECT {...}
> [sql]  expand: %{User-Name} -> chmielewska_d
> [sql] sql_set_user escaped user --> 'chmielewska_d'
> [sql]  expand: %{User-Password} ->
> [sql]  ... expanding second conditional
> [sql]  expand: %{Chap-Password} ->
> [sql]  expand: INSERT INTO radpostauth 
> (username, pass, reply, authdate)                           VALUES 
> (                           '%{User-Name}', 
> '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> 
> INSERT INTO radpostauth (username, pass, reply, authdate) 
> VALUES (                           'chmielewska_d', 
> '', 'Access-Reject', '2013-01-31 14:34:55')
> rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, 
> pass, reply, authdate)                           VALUES 
> (                           'chmielewska_d',                           '', 
> 'Access-Reject', '2013-01-31 14:34:55')
> rlm_sql (sql): Reserving sql socket id: 3
> rlm_sql (sql): Released
>
>
> this log interesed me
> chmielewska_d is in database add
> why:
> +- entering group MS-CHAP {...}
> [mschap] No Cleartext-Password configured.  Cannot create LM-Password.
> [mschap] No Cleartext-Password configured.  Cannot create NT-Password.
> [mschap] Creating challenge hash with username: chmielewska_d
> [mschap] Client is using MS-CHAPv2 for chmielewska_d, we need NT-Password
> [mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
> [mschap] FAILED: MS-CHAP2-Response is incorrect
> ++[mschap] returns reject
> ?

More information about the Freeradius-Users mailing list