On Wed, 6 Nov 2002, Alan DeKok wrote: > Brian Johnson <[EMAIL PROTECTED]> wrote: > > Here's the debugging info as requested. In my users file, I added: > > > > DEFAULT Auth-Type = Kerberos > > Reply-Message = "Hello, Brian" > > Try 'Auth-Type := Kerberos', I think.
Ah, it does make a difference....I had tried it once with and once without the ':' when troubleshooting before, and left it out when I was getting debugging info. Although I don't have the debugging info from my 0.7.1 server, I do remember it returning: modcall: group authorize returns ok rad_check_password: Found Auth-Type Kerberos auth: type "Kerberos" auth: Failed to validate the user. after I made the change (the above is from the debugging info from the latest snapshot, but should be similar, if not the same to what I saw from 0.7.1). > > > modcall[authorize]: module "files" returns notfound > > modcall: group authorize returns ok > > auth: No authenticate method (Auth-Type) configuration found for the request: >Rejecting the user > > Hmm... can you try this using the latest CVS version? I think > there's a bugfix there which may help. No problem. With DEFAULT Auth-Type := Kerberos Reply-Message = "Hello, Brian" at the top of my users file and using the command "radtest mbjohn [password] 152.3.2.153 0 testing123" on the remote client, here's the debugging information from the latest snapshot: Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp. Ready to process requests. Thread 4 waiting to be assigned a request Thread 5 waiting to be assigned a request rad_recv: Access-Request packet from host 152.16.0.183:1031, id=168, length=55 Thread 1 assigned request 0 --- Walking the entire request list --- Threads: total/active/spare threads = 5/1/4 Waking up in 5 seconds... Thread 1 handling request 0, (1 handled so far) User-Name = "mbjohn" User-Password = "[password]" NAS-IP-Address = 255.255.255.255 NAS-Port-Id = "0" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module "chap" returns noop modcall[authorize]: module "mschap" returns notfound rlm_realm: No '@' in User-Name = "mbjohn", looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched DEFAULT at 4 modcall[authorize]: module "files" returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type Kerberos auth: type "Kerberos" auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request Thread 1 waiting to be assigned a request rad_recv: Access-Request packet from host 152.16.0.183:1031, id=168, length=55 Sending Access-Reject of id 168 to 152.16.0.183:1031 Reply-Message = "Hello, Brian" --- Walking the entire request list --- Threads: total/active/spare threads = 5/0/5 Waking up in 3 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 168 with timestamp 3dc9706d Nothing to do. Sleeping until we see a request. And on the remote client I got: Sending Access-Request of id 168 to 152.3.2.153:1812 User-Name = "mbjohn" User-Password = "\36286i\354\223~\202H\2663D\221\027X\344" NAS-IP-Address = user-0-183.wireless.duke.edu NAS-Port-Id = "0" Re-sending Access-Request of id 168 to 152.3.2.153:1812 User-Name = "mbjohn" User-Password = "\36286i\354\223~\202H\2663D\221\027X\344" NAS-IP-Address = user-0-183.wireless.duke.edu NAS-Port-Id = "0" rad_recv: Access-Reject packet from host 152.3.2.153:1812, id=168, length=34 Reply-Message = "Hello, Brian" These are also the results I got when I made the 'Auth-Type := ' change on the 0.7.1 server and ran it from the remote client. As always, I'm happy to provide any additional information. Thanks! Brian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html