Alan, I've solved my problems already... I've even finished the custom modification to dialup-admin which takes care of changing the Crypt-Passwords to User-Passwords for users accessing the new services. Thanks for clearing things up...
>> btest | NT-Password | == | NT-hashbla-bla-bla^&&@0-3443 >> btest | Crypt-Password | == | $$KyUhHIHD$R7mAm4rPX1q4WTEJY5rKQ1 > Which is exactly what I keep saying is not needed, and is causing > problems for you. OK, I understood your point, but would you be so kind to explain WHY do you think it is such a bad idea (besides the fact that it doesn't work with the current version of rlm_sql)... The solution seems to be perfectly logical: - none of the network technitians on-site can abuse user's passwords since they are encrypted and supposedly beyound their cracking abilities, and both PAP and MS-CHAP should work... OK, again, it doesn't work NOW, but why shouldn't it? What's so evil about this configuration? Btw, in freeradius FAQ you, guys, claim, that PAP is better than CHAP because it allows storing passwords in encrypted form. I kinda agree with that... Why do you now claim that storing in clear text is better? Ok, it is less headache for me, but what about privacy rights of my users? Thanks Alex - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html