On Wed, 6 Nov 2002, Alan DeKok wrote:
> Brian Johnson <[EMAIL PROTECTED]> wrote:
> > Here's the debugging info as requested. In my users file, I added:
> >
> > DEFAULT Auth-Type = Kerberos
> > Reply-Message = "Hello, Brian"
>
> Try 'Auth-Type := Kerberos', I think.
Ah, it does make a difference....I had tried it once with and once without
the ':' when troubleshooting before, and left it out when I was getting
debugging info. Although I don't have the debugging info from my 0.7.1
server, I do remember it returning:
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Kerberos
auth: type "Kerberos"
auth: Failed to validate the user.
after I made the change (the above is from the debugging info from the
latest snapshot, but should be similar, if not the same to what I saw from
0.7.1).
>
> > modcall[authorize]: module "files" returns notfound
> > modcall: group authorize returns ok
> > auth: No authenticate method (Auth-Type) configuration found for the request:
>Rejecting the user
>
> Hmm... can you try this using the latest CVS version? I think
> there's a bugfix there which may help.
No problem. With
DEFAULT Auth-Type := Kerberos
Reply-Message = "Hello, Brian"
at the top of my users file and using the command "radtest mbjohn
[password] 152.3.2.153 0 testing123" on the remote client, here's the
debugging information from the latest snapshot:
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Ready to process requests.
Thread 4 waiting to be assigned a request
Thread 5 waiting to be assigned a request
rad_recv: Access-Request packet from host 152.16.0.183:1031, id=168, length=55
Thread 1 assigned request 0
--- Walking the entire request list ---
Threads: total/active/spare threads = 5/1/4
Waking up in 5 seconds...
Thread 1 handling request 0, (1 handled so far)
User-Name = "mbjohn"
User-Password = "[password]"
NAS-IP-Address = 255.255.255.255
NAS-Port-Id = "0"
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_chap: Could not find proper Chap-Password attribute in request
modcall[authorize]: module "chap" returns noop
modcall[authorize]: module "mschap" returns notfound
rlm_realm: No '@' in User-Name = "mbjohn", looking up realm NULL
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched DEFAULT at 4
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Kerberos
auth: type "Kerberos"
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
Thread 1 waiting to be assigned a request
rad_recv: Access-Request packet from host 152.16.0.183:1031, id=168, length=55
Sending Access-Reject of id 168 to 152.16.0.183:1031
Reply-Message = "Hello, Brian"
--- Walking the entire request list ---
Threads: total/active/spare threads = 5/0/5
Waking up in 3 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 168 with timestamp 3dc9706d
Nothing to do. Sleeping until we see a request.
And on the remote client I got:
Sending Access-Request of id 168 to 152.3.2.153:1812
User-Name = "mbjohn"
User-Password = "\36286i\354\223~\202H\2663D\221\027X\344"
NAS-IP-Address = user-0-183.wireless.duke.edu
NAS-Port-Id = "0"
Re-sending Access-Request of id 168 to 152.3.2.153:1812
User-Name = "mbjohn"
User-Password = "\36286i\354\223~\202H\2663D\221\027X\344"
NAS-IP-Address = user-0-183.wireless.duke.edu
NAS-Port-Id = "0"
rad_recv: Access-Reject packet from host 152.3.2.153:1812, id=168,
length=34
Reply-Message = "Hello, Brian"
These are also the results I got when I made the 'Auth-Type := ' change on
the 0.7.1 server and ran it from the remote client.
As always, I'm happy to provide any additional information.
Thanks!
Brian
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
