Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- radtest test .CPNV-123 localhost 0 testing123
- rad_recv: Access-Request packet from host 127.0.0.1 port 32787, id=199, length=80
- User-Name = "test"
- User-Password = ".CPNV-123"
- NAS-IP-Address = 172.20.1.20
- NAS-Port = 1812
- Message-Authenticator = 0xb3ca6f144d934df985672ac767afe945
- Framed-Protocol = PPP
- # Executing section authorize from file /etc/freeradius/sites-enabled/default
- +group authorize {
- ++[preprocess] = ok
- ++[chap] = noop
- ++[mschap] = noop
- ++[digest] = noop
- [suffix] No '@' in User-Name = "test", looking up realm NULL
- [suffix] No such realm "NULL"
- ++[suffix] = noop
- [eap] No EAP-Message, not doing EAP
- ++[eap] = noop
- [files] users: Matched entry DEFAULT at line 1
- ++[files] = ok
- ++[expiration] = noop
- ++[logintime] = noop
- [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
- ++[pap] = noop
- +} # group authorize = ok
- Found Auth-Type = ntlm_auth
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group ntlm_auth {
- [ntlm_auth] expand: --username=%{mschap:User-Name} -> --username=test
- [ntlm_auth] expand: --password=%{User-Password} -> --password=.CPNV-123
- WARNING: The "idmap uid" option is deprecated
- WARNING: The "idmap gid" option is deprecated
- Exec output: NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)
- Exec plaintext: NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)
- [ntlm_auth] Exec: program returned: 1
- ++[ntlm_auth] = reject
- +} # group ntlm_auth = reject
- Failed to authenticate the user.
- Using Post-Auth-Type REJECT
- # Executing group from file /etc/freeradius/sites-enabled/default
- +group REJECT {
- [attr_filter.access_reject] expand: %{User-Name} -> test
- attr_filter: Matched entry DEFAULT at line 11
- ++[attr_filter.access_reject] = updated
- +} # group REJECT = updated
- Delaying reject of request 3 for 1 seconds
- Going to the next request
- Waking up in 0.9 seconds.
- Sending delayed reject for request 3
- Sending Access-Reject of id 199 to 127.0.0.1 port 32787
- Waking up in 4.9 seconds.
- Cleaning up request 3 ID 199 with timestamp +628
- Ready to process requests.
- [ 2677]: request interface version (version = 27)
- [ 2677]: request location of privileged pipe
- [ 2677]: request misc info
- [ 2677]: pam auth RADIUS+test
- child daemon request 13
- [ 2435]: dual pam auth RADIUS+test
- attempting to make a user_info for test (test)
- making strings for test's user_info struct
- making blobs for test's user_info struct
- Making default auth method list for server role = 'domain member'
- load_auth_module: Attempting to find an auth method to match guest
- load_auth_module: auth method guest has a valid init
- load_auth_module: Attempting to find an auth method to match sam
- load_auth_module: auth method sam has a valid init
- load_auth_module: Attempting to find an auth method to match winbind:ntdomain
- load_auth_module: Attempting to find an auth method to match ntdomain
- load_auth_module: auth method ntdomain has a valid init
- load_auth_module: auth method winbind has a valid init
- check_ntlm_password: Checking password for unmapped user [RADIUS][test]@[RADIUS] with the new password interface
- check_ntlm_password: mapped user is: [RADIUS][test]@[RADIUS]
- [0000] A0 E0 F9 B0 DE 6B 96 C2 .....k..
- pdb_getsampwnam (TDB): error fetching database.
- Key: USER_test
- check_sam_security: Couldn't find user 'test' in passdb.
- check_ntlm_password: sam authentication for user [test] FAILED with error NT_STATUS_NO_SUCH_USER
- check_ntlm_password: Authentication for user [test] -> [test] FAILED with error NT_STATUS_NO_SUCH_USER
- Plain-text authentication for user RADIUS+test returned NT_STATUS_NO_SUCH_USER (PAM: 10)
- Finished processing child request 13
- child daemon request 20
- [ 2435]: list trusted domains
- samr: trusted domains
- Create pipe requested lsarpc
- Created internal pipe lsarpc
- _lsa_OpenPolicy2: ACCESS should be DENIED (requested: 0x000f0fff)
- but overritten by euid == initial uid
- _lsa_OpenPolicy2: access GRANTED (requested: 0x000f0fff, granted: 0x000f0fff)
- Finished processing child request 20
- Already reaped child 2718 died
- child daemon request 20
- [ 2435]: list trusted domains
- samr: trusted domains
- Create pipe requested lsarpc
- Created internal pipe lsarpc
- _lsa_OpenPolicy2: ACCESS should be DENIED (requested: 0x000f0fff)
- but overritten by euid == initial uid
- _lsa_OpenPolicy2: access GRANTED (requested: 0x000f0fff, granted: 0x000f0fff)
- Finished processing child request 20
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement