What do the log files say? Is an accept/reject packet being sent, or is the request just terminating part way through (or even not reaching the radiusd)?
If you can't pull the logs for any reason, a packet capture will do the same job. Only thing I can think of that directly relates to any sort of length, is that if you were running close to a fragment size limit, a longer password could trigger an issue. Start with the log files before tweaking your config though. Adam Bishop Access & Identity Management Janet, the UK’s education and research network On 2 Jun 2012, at 20:59, Johnson, Neil M wrote: > Hmm, I've checked with our AD folks and they claim that they can handle 254 > characters (127 unicode) as welll. > > The odd thing is we have 2 Wireless SSID's using the same RADIUS server (a > local one, and eduroam). A user is having issues with a 28 character password > on eduroam, but not on the local one. I don't see a difference in the > Handlers for the different SSID's that would result in this issue. > > Any ideas would be appreciated. > > Thanks. > -Neil > > ________________________________________ > From: Hugh Irvine [[email protected]] > Sent: Saturday, June 02, 2012 3:28 AM > To: Johnson, Neil M > Cc: Radiator Mailing List [[email protected]] > Subject: Re: [RADIATOR] Password Length Limits > > Hello Neil - > > The User-Password attribute can contain 254 characters, but the password > length is usually limited by whatever user credential database you are using. > > In your case I would imagine that AD is the limiting factor. > > regards > > Hugh > > > On 2 Jun 2012, at 05:00, Johnson, Neil M wrote: > >> Anyone, >> >> Is there a limit to the size of password that can be used with RADIUS and/or >> RADIATOR? We have users trying to use passwords > 25 characters long and >> they are unable to authenticate. >> >> Specifically, we are using PEAP/MS-CHAP-V2 with AuthByLSA to our AD Domain. >> >> >> Thanks! >> -Neil >> >> _______________________________________________ >> radiator mailing list >> [email protected] >> http://www.open.com.au/mailman/listinfo/radiator > > > -- > > Hugh Irvine > [email protected] > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, > TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, > DIAMETER etc. > Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator Janet is a trading name of The JNT Association, a company limited by guarantee which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
