Hi there ! Could someone please assisst me in configuring FreeRADIUS? I'm quite new to FR and migrated a server from 0.6 on Solaris 8/SPARC to 1.1.7 on Solaris 10/x64.
On the old server, the users were authenticated by regular /etc/passwd means. I got this working on the new server. As there are some new features in the later versions, I'd prefer to move the RADIUS users to a separate smbpasswd-like file but I can't get the authentication to work. Some questions: The old server querying itself for a /etc/passwd user: [EMAIL PROTECTED] # ./radtest frank XXX localhost 10 test123 Sending Access-Request of id 161 to 127.0.0.1:1812 User-Name = "frank" User-Password = "D[\326<\255h\016A\275\357"%\367\027_y" NAS-IP-Address = XXX NAS-Port-Id = "10" rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=161, length=20 [EMAIL PROTECTED] # The old server querying the new one for a /etc/passwd user: [EMAIL PROTECTED] # ./radtest frank XXX new 10 test123 Sending Access-Request of id 216 to 10.1.1.12:1812 User-Name = "frank" User-Password = "T)n\244Lec\226\246)[EMAIL PROTECTED]&%" NAS-IP-Address = XXX NAS-Port-Id = "10" rad_recv: Access-Accept packet from host 10.1.1.12:1812, id=216, length=20 [EMAIL PROTECTED] # The new server querying itself for the exact same user as above: [EMAIL PROTECTED] ./radtest frank XXX localhost 10 test123 Sending Access-Request of id 177 to 127.0.0.1 port 1812 User-Name = "frank" User-Password = "XXX" NAS-IP-Address = 255.255.255.255 NAS-Port = 10 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=177, length=20 [EMAIL PROTECTED] Why is the password displayed in plain text instead of hashed as on the old server? And how do I configure a separate user file? Currently, I have passwd radpasswd { filename = /opt/freeradius/etc/radpasswd #format = "*User-Name::LM-Password:NT-Password:SMB-Account-CTRL-TEXT::" format = "*User-Name:LM-Password:NT-Password:" delimiter = ":" # authtype = MS-CHAP authtype = PAP hashsize = 0 ignorenislike = yes allowmultiplekeys = no } with radpasswd looking like frank:A:B:Frank Winkler with A and B created by "smbencrypt". I'm pretty unsure about the "authtype". I can post debug outout of radiusd but it looks like it finds the user in the file but cannot authenticate the password. TIA fw - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html