[again] Error "[mschap] No Cleartext-Password configured. Cannot create LM-Password."
Alan DeKok
aland at deployingradius.com
Mon Jul 15 22:02:47 CEST 2013
Holger Wesser wrote:
> I've googled a while and found different solutions for the error
> message: [mschap] No Cleartext-Password configured. Cannot create
> LM-Password.
There's only one solution: give the server a "known good" password.
e.g. Cleartext-Password, or NT-Password.
> What I've done is, to establish the following setup: Debian 7.1, Samba3,
> OpenLDAP and freeradius 2.1.12 (everything on the same machine). A VPN
> gateway forwards the authentication requests to the freeradius-server.
PLEASE use "radiusd -X" as suggested everywhere. The additional "-x"
is not needed, and is just annoying.
The relevant output is:
[ldap] performing search in dc=example,dc=com, with filter (uid=testuser)
[ldap] Added User-Password = {SSHA}xxxxxxxxxxxxxxxxxxxxxxxxxx in check
items
SSHA passwords are fundamentally incompatible with MS-CHAP.
http://deployingradius.com/documents/protocols/compatibility.html
Alan DeKok.
More information about the Freeradius-Users
mailing list