On Mon, Jul 11, 2005 at 03:40:32PM -0600, Vladimir Vuksan wrote: > I believe this is incorrect. You may want to split off the two password > hashes and put them in separate variables ie. LM-Password and > NT-Password. User-Password usually refers to either a crypted or > cleartext password.
I think you are correct! I have tried splitting the password into two seperate parts: mysql> select * from radcheck where UserName ="testacct"; +------+----------+-------------+----+----------------------------------+ | id | UserName | Attribute | op | Value | +------+----------+-------------+----+----------------------------------+ | 697 | testacct | NT-Password | == | 8503P0UI042LADKP3M13B449051404EE | | 2513 | testacct | LM-Password | == | BEO04PD4LA909194D58181AFS44KE005 | +------+----------+-------------+----+----------------------------------+ 2 rows in set (0.00 sec) I receive logs similar to what is received when logging in with a "bad password", as before. I have even swapped two values with each other (NT for LM). MS-CHAP failed. --johnk - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
