MSCHAP Issues
J Kephart
jkephart at safetynetaccess.com
Mon Jul 29 17:23:01 CEST 2019
On 7/27/19 1:03 PM, Sven Hartge wrote:
> On 27.07.19 01:20, Alan DeKok wrote:
>
>> I suspect what's happening is that SQL contains the user name as "54:72:4F:69:14:B1", and not as "54-72-4F-69-14-B1'".
>
Sven and Alan,
Yes, we're using MACs in a lab scenario to test what the client is
reporting. What's strange about this is that FR reports that no
cleartest-password can be found, yet when we run the radcheck query
from the debug output, we get the following:
SELECT id, username, attribute, value, op FROM radcheck WHERE username =
'54-72-4F-69-14-B1' ORDER BY id;
+-------+-------------------+--------------------+-------------------+----+
| id | username | attribute | value | op |
+-------+-------------------+--------------------+-------------------+----+
| 13758 | 54-72-4F-69-14-B1 | Cleartext-Password | 54-72-4F-69-14-B1 | := |
+-------+-------------------+--------------------+-------------------+----+
As you can see, the password is there, as is the username, in hyphenated
form. We do no manipulation of the username at all, simply accepting
what we receive.
So, if we can run the query and get the expected results, why is FR
giving us the error? Or, what are we doing wrong on the DB side? In my
company, our radius team is a team of one -- me -- and I am truly trying
the learn and understand as I much as I can, so I can fix this, and be
able to recognize and diagnose any future recurrences.
I thank you both for your time.
-- Jim
More information about the Freeradius-Users
mailing list