Hi,
we have the same problem. The radius.log is looking like this, with Active Directory Auth
my Passwort for XXXXXXXXXXXXX
Quote:
Thread 3 got semaphore
Thread 3 handling request 0, (1 handled so far)
[<thread>] # Executing section authorize from file /etc/freeradius/sites-enabled/default
[<thread>] +- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "i001000", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
rlm_perl: Added pair User-Name = i001000
rlm_perl: Added pair User-Password = XXXXXXXXXXXccccccdcbgjjvevrkgvlnlkcrntblltlicgvcgcelkdj
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
++[perl] returns ok
[files] users: Matched entry DEFAULT at line 147
++[files] returns ok
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
Waking up in 1.4 seconds.
Waking up in 2.2 seconds.
Waking up in 3.3 seconds.
Discarding duplicate request from client 1_127.0.0.1 port 48663 - ID: 62 due to unfinished request 0
Waking up in 3.1 seconds.
rlm_perl: Added pair User-Name = i001000
rlm_perl: Added pair User-Password = XXXXXXXXXXXX
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair Class =
rlm_perl: Added pair Auth-Type = PAP
++[perl] returns ok
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Finished request 0.
Going to the next request
Thread 3 waiting to be assigned a request
Waking up in 2.6 seconds.
Cleaning up request 0 ID 62 with timestamp +16
Ready to process requests.
Thread 3 handling request 0, (1 handled so far)
[<thread>] # Executing section authorize from file /etc/freeradius/sites-enabled/default
[<thread>] +- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "i001000", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
rlm_perl: Added pair User-Name = i001000
rlm_perl: Added pair User-Password = XXXXXXXXXXXccccccdcbgjjvevrkgvlnlkcrntblltlicgvcgcelkdj
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
++[perl] returns ok
[files] users: Matched entry DEFAULT at line 147
++[files] returns ok
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
Waking up in 1.4 seconds.
Waking up in 2.2 seconds.
Waking up in 3.3 seconds.
Discarding duplicate request from client 1_127.0.0.1 port 48663 - ID: 62 due to unfinished request 0
Waking up in 3.1 seconds.
rlm_perl: Added pair User-Name = i001000
rlm_perl: Added pair User-Password = XXXXXXXXXXXX
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair Class =
rlm_perl: Added pair Auth-Type = PAP
++[perl] returns ok
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Finished request 0.
Going to the next request
Thread 3 waiting to be assigned a request
Waking up in 2.6 seconds.
Cleaning up request 0 ID 62 with timestamp +16
Ready to process requests.
So is there a way to stop freeradius to write down the userpasswords without deaktivation logging. (at least on trouble shooting i will need a log, but never want or need to know any user passwords)
Also in the Troubleshoot Menu i can see the password.
Thanks for you help
Tobias