(RADIATOR) Shadow Perl module and Radiator

Pascal Robert pascal at team.inter.net
Fri Aug 17 07:28:09 CDT 2001 

> 
> Hello Pascal -
> 
> I have just noticed this in the trace output:
> 
>>>> Wed Aug 15 13:07:11 2001: DEBUG: Handling with Radius::AuthSYSTEM
>>>> Wed Aug 15 13:07:11 2001: DEBUG: getpwnam got test2001, *NP*, 8878, 700,
>>>> , , Test Test, /home/test2001, /bin/ksh
>>>> Wed Aug 15 13:07:11 2001: DEBUG: Radius::AuthSYSTEM looks for match with
>>>> test2001
>>>> Wed Aug 15 13:07:11 2001: DEBUG: Radius::AuthSYSTEM REJECT_IMMEDIATE:
>>>> Bad Encrypted password
>>>> Wed Aug 15 13:07:11 2001: INFO: Access rejected for test2001: Bad
>>>> Encrypted password
> 
> Notice the "*NP*" for the password field - this will always be a Bad
> Encrypted Password.
> 
> What happens when you use an AuthBy UNIX and point it at the shadow password
> file (usually /etc/shadow)?

All users are in NIS+.  When I use <AuthBy NIS+>, I get a Access-Reject but
the reason of the failure is empty in the log and the reply.  Using standard
fields and tables of NIS+.

> On Thursday 16 August 2001 22:16, Pascal Robert wrote:
>> I'm using radpwtest to test it, it's using PAP right ?
>> 
>>> Hello Pascal -
>>> 
>>> It looks like you are using CHAP authentication? If so, it won't work.
>>> 
>>> You can only use PAP authentication with encrypted passwords.
>>> 
>>> hth
>>> 
>>> Hugh
>>> 
>>> On Thursday 16 August 2001 03:20, Pascal Robert wrote:
>>>> Hi,
>>>> 
>>>> I'm trying to get a legacy realm working, it's a Solaris 2.6 SPARC
>>>> system. I installed the Shadow module as indicated in the documentation
>>>> (in fact, it's two modules: Shadowf.pm and Shadows.pm), but all auth
>>>> fails:
>>>> 
>>>> Wed Aug 15 13:07:11 2001: DEBUG: Handling with Radius::AuthSYSTEM
>>>> Wed Aug 15 13:07:11 2001: DEBUG: getpwnam got test2001, *NP*, 8878, 700,
>>>> , , Test Test, /home/test2001, /bin/ksh
>>>> Wed Aug 15 13:07:11 2001: DEBUG: Radius::AuthSYSTEM looks for match with
>>>> test2001
>>>> Wed Aug 15 13:07:11 2001: DEBUG: Radius::AuthSYSTEM REJECT_IMMEDIATE:
>>>> Bad Encrypted password
>>>> Wed Aug 15 13:07:11 2001: INFO: Access rejected for test2001: Bad
>>>> Encrypted password
>>>> 
>>>> This is the realm in my configuration file:
>>>> 
>>>> <Realm mlink.net>
>>>>         RewriteUsername s/^([^@]+).*/$1/
>>>>         RewriteUsername tr/A-Z/a-z/
>>>>         RejectHasReason
>>>>         AcctLogFileName %L/detail.%Y%m%d
>>>>         PasswordLogFileName %L/mlink.passwd.%Y%m%d
>>>> 
>>>>         <AuthBy SYSTEM>
>>>> 
>>>>                 UseGetspnamf
>>>> 
>>>>         </AuthBy>
>>>> </Realm>
>>>> 
>>>> 
>>>> All accounts that I tested are showing the same behaviour, even if the
>>>> password on the system are all good.
>>>> 
>>>> Any ideas ?

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list