Hi, Perfect! It solved my problem. Exactly what we wanted. Thanks so much, Heikki.
Regards, Roy Abu Bakar ________________________________ From: Heikki Vatiainen <[email protected]> To: Roy Abu Bakar <[email protected]> Cc: [email protected] Sent: Fri, June 17, 2011 11:08:34 AM Subject: Re: [RADIATOR] Encrypted Password On 06/16/2011 01:08 PM, Roy Abu Bakar wrote: Hello, > I really happy when I saw that option on the RAdmin configuration :) > I have change the format to Unix Crypt and then change my user password. > After that, I tried to logged in, but did not succeed. > I check the log and it said "Bad Password". > Is there any configuration that I have to configure after change the password > format? You need to change the <AuthBy RADMIN> config and add this option: EncryptedPassword Please see the reference manual ref.pdf for version 4.8 section "5.30.12 EncryptedPassword" for more about this option. Note that the chance will only affect new and changed passwords. If you already have users, their passwords will not be encrypted automatically. You should also install the patches for RAdmin. When the crypt option is turned on, the RAdmin admin passwords will also be encrypted when new admins are added or current admins change their passwords. The latest RAdmin patch fixes a bug with admin password check where admins can be locked out from the system when password encryption is turned on and the admin password is changed. Please do the following: - download the latest RAdmin patches - login to RAdmin - install at least the patched CGIUtil.pm - turn on password encryption if it is not on yet - change your admin password before logging out with List Admin User -> Search -> (select your admin and change the password) - the admin password should now be encrypted matching RAdmin's encryption settings This will ensure that your admin password gets successfully encrypted in sync with the RAdmin encryption settings. > Here is the log: This should be fixed once "EncryptedPassword" has been enabled. Thanks! > Thu Jun 16 12:53:21 2011: DEBUG: Handling with Radius::AuthRADMIN: > Thu Jun 16 12:53:21 2011: DEBUG: Handling with Radius::AuthRADMIN: > Thu Jun 16 12:53:21 2011: DEBUG: Query is: 'select PASS_WORD, STATICADDRESS, > TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from RADUSERS > where USERNAME='admin'': > Thu Jun 16 12:53:21 2011: DEBUG: Query is: 'select ATTR_ID, VENDOR_ID, > IVALUE, > SVALUE, ITEM_TYPE from RADSTCONFIG where NAME='Switches' order by ITEM_TYPE': > Thu Jun 16 12:53:21 2011: DEBUG: Query is: 'select ATTR_ID, VENDOR_ID, > IVALUE, > SVALUE, ITEM_TYPE from RADCONFIG where NAME='admin' order by ITEM_TYPE': > Thu Jun 16 12:53:21 2011: DEBUG: Radius::AuthRADMIN looks for match with > admin > [admin] > Thu Jun 16 12:53:21 2011: DEBUG: do query is: 'update RADUSERS set > BADLOGINS=BADLOGINS+1 where USERNAME='admin'': > Thu Jun 16 12:53:21 2011: DEBUG: Query is: 'select PASS_WORD, STATICADDRESS, > TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from RADUSERS > where USERNAME='DEFAULT'': > Thu Jun 16 12:53:21 2011: DEBUG: AuthBy result: REJECT, Bad Password > Thu Jun 16 12:53:21 2011: INFO: Access rejected for admin: Bad Password > Thu Jun 16 12:53:21 2011: DEBUG: Packet dump: > *** Sending to 10.0.0.200 port 1645 .... > Code: Access-Reject > Identifier: 14 > Authentic: X<128>t<249><148>bc<16><27><172><153><160><133><128><2><162> > Attributes: > Reply-Message = "Request Denied" -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
_______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
