rlm_cache NT-Password with EAP-PEAP

[Sherker, Donald]

> i.e. the *cache* module returns “updated”.  That can be fixed.  Just add “ok” after “cache.authorize”:
>
>Auth-Type MS-CHAP {
>       mschap
>       cache.authorize
>      ok
>}

I have made the recommended change, but I am still getting the same result.  The only difference I can see in the log is the [ok] = ok towards the end of MS-CHAP section.


(7) eap_mschapv2:   Auth-Type MS-CHAP {
(7) mschap: Found Cleartext-Password, hashing to create NT-Password
(7) mschap: Found Cleartext-Password, hashing to create LM-Password
(7) mschap: Creating challenge hash with username: qaresdon
(7) mschap: Client is using MS-CHAPv2
(7) mschap: Adding MS-CHAPv2 MPPE keys
(7)     [mschap] = ok
(7) cache: EXPAND %{User-Name}%{outer.request:Calling-Station-Id}
(7) cache:    --> qaresdone899c47233d8
(7) cache: No cache entry found for "qaresdone899c47233d8"
(7) cache: Creating new cache entry
(7) cache: EXPAND %{control:NT-Password}
(7) cache:    --> 0x5835048ce94ad0564e29a924a03510ef
(7) cache:   control:NT-Password := 0x5835048ce94ad0564e29a924a03510ef
(7) cache: EXPAND %{control:LM-Password}
(7) cache:    --> 0xe52cac67419a9a2238f10713b629b565
(7) cache:   control:LM-Password := 0xe52cac67419a9a2238f10713b629b565
(7) cache: Merging cache entry into request
(7) cache:   &control:NT-Password := 0x5835048ce94ad0564e29a924a03510ef
(7) cache:   &control:LM-Password := 0xe52cac67419a9a2238f10713b629b565
(7) cache: Commited entry, TTL 86400 seconds
(7)     [cache.authorize] = updated
(7)     [ok] = ok
(7)   } # Auth-Type MS-CHAP = updated
(7) eap: Freeing handler
(7)       [eap] = reject
(7)     } # authenticate = reject


Thanks,

Don



________________________________

CONFIDENTIALITY NOTICE: This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. **If you are not the intended recipient of this e-mail, please notify the sender immediately by return e-mail, purge it and do not disseminate or copy it.