Re: Issues with rlm_pap

2007-03-20 Thread Alan DeKok 
Deramus, Chris wrote:
> Thanks so much for the response, I wasn't aware that the (md5) header
> needed to be in the database.

  See the README && the comments above the "pap" section in
radiusd.conf.  They say to read "man rlm_pap", which explains this.

  If you don't want to update the "value" field to add {md5}, you can
change the attribute name to MD5-Password.  If you don't want to do
either, change the PAP configuration back to what you had in 1.1.3.

  Alan DeKok.
--
  http://deployingradius.com   - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Issues with rlm_pap

2007-03-20 Thread Deramus, Chris 
Alan,

Thanks so much for the response, I wasn't aware that the (md5) header
needed to be in the database. The requested information is below:

UserNameAttribute   Value
op
test.user   Password
c1dd8z473d9gf5c13b0d89b32d15333 :=

-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
us.org] On Behalf Of Alan DeKok
Sent: Tuesday, March 20, 2007 5:43 AM
To: FreeRadius users mailing list
Subject: Re: Issues with rlm_pap

Deramus, Chris wrote:
> This no longer seems to work, as FreeRADIUS seems to be attempting to 
> compare the clear-text password with the MD5 password returned from 
> the database. I'm guessing it's an oversight on my end, and wanted to 
> see if anyone on this list noticed anything. I have included portions 
> of my radiusd.conf and users files which are pertinent to this issue.

  Can you post what's in your SQL database?  i.e. attribute name,
operator, and value.

  I suspect that the contents of the User-Password are the MD5 hash,
rather than the {md5} header followed by the MD5 hash.

  Alan DeKok.
--
  http://deployingradius.com   - The web site of the book
  http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Issues with rlm_pap

2007-03-20 Thread Alan DeKok 
Deramus, Chris wrote:
> This no longer seems to work, as FreeRADIUS seems to be attempting to
> compare the clear-text password with the MD5 password returned from the
> database. I'm guessing it's an oversight on my end, and wanted to see if
> anyone on this list noticed anything. I have included portions of my
> radiusd.conf and users files which are pertinent to this issue. 

  Can you post what's in your SQL database?  i.e. attribute name,
operator, and value.

  I suspect that the contents of the User-Password are the MD5 hash,
rather than the {md5} header followed by the MD5 hash.

  Alan DeKok.
--
  http://deployingradius.com   - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html