On 03/11/2011 06:33 PM, [email protected] wrote:
Hi Radius People,
I am getting the message from sql authentication:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
From other posts the solution is to update the configuration to replace
the attribute "User-Password" to be "Cleartext-Password" in the radcheck
table.
In the radcheck table I actually have "Password" which probably get mapped
to User-Password and then the warning occurs.
If I change an entry in radcheck table to actually have Cleartext-Password
in the radcheck table I get:
====
[pap] WARNING! No "known good" password found for the user. Authentication may
fail because of this.
====
and it fails to authenticate (but does not produce the warning message ;-)
What might be causing the attribute "Password" from the table to get
mapped to "User-Password" and what is suggested that I change to have
radius be happy?
johnh...
To make radius happy follow the very clear instructions from the warning
message ;-)
There is no mapping of Password to User-Password. The correct attribute
is Cleartext-Password in the radcheck table, assure that is the value in
the table and that is the value being returned from the SQL query.
Something else is going on, but we can't tell what because you didn't
include the full output of radiusd -X, but before you post it
you should carefully *read* the output of radiusd -X, it will show you
what values are being returned and how the processing proceeds. If after
you've very carefully read the output *yourself* and and you're still
stuck then post it here.
--
John Dennis <[email protected]>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
