On Mon, 2 Aug 2004 13:01:13 +0200
jesk <[EMAIL PROTECTED]> wrote:
> Hi,
>
> is there a way to disable casesensitive password checks?
> The problem is that our old Server doesnt match for casesensitive
> passwords, and some customer passwords arent correct for casesensitive
> matchs.
>
>
> regards,
>
> christian
>
Hi again,
i didnt found anything out for case insensitive password mode, in cause
of that i changed all passwords to lower case and activated
'lower_pass=before' in radiusd.conf, but now i got a new problem with
that configuration, the CHAP-Password Authentication doesnt work
anymore.
I dont know whats happening exactly, but could it be, that this function
changes the case of the crypted CHAP-Password?
What could i do to stop this, if this is the case?
thanks for any help!
following my configuration:
---------------------------
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = /var/log
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd
log_file = ${logdir}/radius.log
libdir = ${exec_prefix}/lib
pidfile = ${run_dir}/radiusd.pid
max_request_time = 120
delete_blocked_requests = no
cleanup_delay = 10
max_requests = 71680
bind_address = *
port = 0
hostname_lookups = no
allow_core_dumps = no
regular_expressions = no
extended_expressions = no
log_stripped_names = yes
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = yes
usercollide = no
lower_user = no
lower_pass = after
nospace_user = no
nospace_pass = no
checkrad = ${sbindir}/checkrad
security {
max_attributes = 200
reject_delay = 1
status_server = no
}
proxy_requests = yes
$INCLUDE ${confdir}/proxy.conf
$INCLUDE ${confdir}/clients.conf
snmp = no
$INCLUDE ${confdir}/snmp.conf
thread pool {
start_servers = 64
max_servers = 128
min_spare_servers = 16
max_spare_servers = 32
max_requests_per_server = 0
}
modules {
$INCLUDE ${confdir}/sqlcounter.conf
pap {
encryption_scheme = clear
}
chap {
authtype = CHAP
}
mschap {
authtype = MS-CHAP
}
realm realmpercent {
format = suffix
delimiter = "%"
}
preprocess {
huntgroups = ${confdir}/huntgroups
hints = ${confdir}/hints
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
}
files {
usersfile = ${confdir}/users
compat = no
}
detail radrelay {
detailfile = ${radacctdir}/detail-combined
detailperm = 0755
dirperm = 0777
locking = yes
}
detail auth_log {
detailfile =
${radacctdir}/auth/%{Client-IP-Address}/%d-day.log
detailperm = 0600
}
detail reply_log {
detailfile =
${radacctdir}/auth-reply/%{Client-IP-Address}/%d-day.log
detailperm = 0600
}
acct_unique {
key = "Acct-Session-Id, NAS-IP-Address, NAS-Port-Id"
}
$INCLUDE ${confdir}/sql.conf
attr_filter {
attrsfile = ${confdir}/attrs
}
counter daily {
filename = ${raddbdir}/db.daily
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
counter-name = Daily-Session-Time
check-name = Max-Daily-Session
allowed-servicetype = Framed-User
cache-size = 5000
}
counter weekly {
filename = ${raddbdir}/db.weekly
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
counter-name = Weekly-Session-Time
check-name = Max-Weekly-Session
allowed-servicetype = Framed-User
cache-size = 5000
}
always fail {
rcode = fail
}
always reject {
rcode = reject
}
always ok {
rcode = ok
simulcount = 0
mpp = no
}
expr {
}
digest {
}
exec {
wait = yes
input_pairs = request
}
exec echo {
wait = yes
program = "/bin/echo %{User-Name}"
input_pairs = request
output_pairs = reply
}
ippool main_pool {
range-start = 192.168.1.1
range-stop = 192.168.3.254
netmask = 255.255.255.0
cache-size = 800
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
override = no
}
}
instantiate {
expr
daily
weekly
}
authorize {
preprocess
auth_log
chap
mschap
realmpercent
daily
weekly
files
sql
noresetcounter
dailycounter
monthlycounter
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
}
preacct {
preprocess
realmpercent
}
accounting {
acct_unique
radrelay
sql
}
session {
sql
}
post-auth {
reply_log
}
pre-proxy {
}
post-proxy {
}
---------------------
best regards,
christian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
