Auth-Type:=Reject troubles

Mon, 12 Aug 2002 12:30:38 -0700 

I have installed FreeRadius 0.6 and then FreeRadius 0.7 on our server.
But, we now have a trouble - I need to disable one account.
We use PostgreSQL for managing our users database.

We made user-group "frozen" with Auth-Type:=Reject :
radius=# SELECT * FROM radgroupreply WHERE groupname='frozen';
 id | groupname | attribute | value  | op 
----+-----------+-----------+--------+----
 13 | frozen    | Auth-Type | Reject | :=
(1 row)

And also I inserted similar reply but for username 'baron':
radius=# SELECT * FROM radreply WHERE username='baron';
 id | username | attribute | value  | op 
----+----------+-----------+--------+----
 18 | baron    | Auth-Type | Reject | :=
(1 row)

But it seems to me, it doesn't work:

[baron@aqua baron]$ radtest baron xxxxxx localhost 0 testing123
Sending Access-Request of id 252 to 127.0.0.1:1812
        User-Name = "baron"
        User-Password = "\202G\341\304\022: \223\334\253\037(1q\031$"
        NAS-IP-Address = aqua
        NAS-Port-Id = "0"
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=252,
length=20

(Result = Access-Accept).

Then I took output of radiusd -X:

[baron@aqua baron]$ cat query.sql 
SELECT id,UserName,Attribute,Value FROM radreply WHERE Username =
'baron' ORDER BY id;
SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgro
upreply.Value FROM radgroupreply,usergroup WHERE usergroup.Username =
'baron' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id;
SELECT Value,Attribute FROM radcheck WHERE UserName = 'baron' AND (
Attribute = 'User-Password' OR Attribute = 'Crypt-Password' ) ORDER BY
Attribute DESC;

And here are results:

[baron@aqua baron]$ psql radius postgres <query.sql 
 id | username | attribute | value  
----+----------+-----------+--------
 18 | baron    | Auth-Type | Reject
(1 row)

 id | groupname | attribute | value  
----+-----------+-----------+--------
 13 | frozen    | Auth-Type | Reject
(1 row)

 value  |   attribute   
--------+---------------
 xxxxxx | User-Password
(1 row)

Please tell me, how to disable one username or groupname? What am I
doing wrong? If not, how to fix problem?
Thanks for advice.
--
Balkin Ruslan

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to