Alexander Khoo wrote:
Hi all,
My goal is to use Freeradius with the sql module for authenticating
users. I'm using version 0.9.3 (installed from rpms i created with the
specfile that came with the tarball).I've been working
off of this tutorial: http://www.frontios.com/freeradius.html
I got but then I proceeded to follow the instructions for sql and have
run in to some trouble. I followed all of the required steps and am unable
to authenticate. I'm using the following command to test the server:
...snip...
radius_xlat: 'alexander'
rlm_sql (sql): sql_set_user escaped user --> 'alexander'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'alexander' ORDER BY id'
Checked for alexander in radcheck.
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'alexander' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
Checked for alexander in radgroupcheck and usergroup.
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'alexander' ORDER BY id'
Checked for alexander in radreply.
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
usergroup.Username = 'alexander' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
Checked for alexander in radgroupreply and usergroup.
rlm_sql (sql): No matching entry in the database for request from user [alexander]
Did not find sufficient information in db.
...snip...
And here's the only entry in my radcheck table:
+----+----------+-----------+----+---------+
| id | UserName | Attribute | op | Value |
+----+----------+-----------+----+---------+
| 1 | alexander| Password | == | password|
+----+----------+-----------+----+---------+
I think you need an entry in usergroup.
This is the sample data I use for testing:
NOTE: The delete lines will EMPTY your tables. NOTE: The encrypted password for troll is "skunk" in MD5.
---8< cuthere >8--- delete from usergroup ; insert into usergroup (username,groupname) values('fredf','ppp-unlimited'); insert into usergroup (username,groupname) values('barneyr','ppp-static'); insert into usergroup (username,groupname) values('troll','ppp-unlimited'); insert into usergroup (username,groupname) values('frog','nas-prompt');
delete from radcheck ; insert into radcheck (username,attribute,op,value) values('fredf','User-Password','==','wilma'); insert into radcheck (username,attribute,op,value) values('barneyr','User-Password','==','betty'); insert into radcheck (username,attribute,op,value) values('troll','Crypt-Password','==','$1$A8BotTi4$UTg2XL.fSStI2RFENUfnR.'); insert into radcheck (username,attribute,op,value) values('frog','User-Password','==','kermit');
delete from radreply ; insert into radreply (username,attribute,op,value) values('barneyr','Framed-IP-Address',':=','10.19.65.38'); insert into radreply (username,attribute,op,value) values('barneyr','Framed-IP-Netmask',':=','255.255.255.252');
delete from radgroupcheck ;
delete from radgroupreply ; insert into radgroupreply (groupname,attribute,op,value) values('ppp-unlimited','Framed-Compression',':=','Van-Jacobsen-TCP-IP'); insert into radgroupreply (groupname,attribute,op,value) values('ppp-unlimited','Framed-Protocol',':=','PPP'); insert into radgroupreply (groupname,attribute,op,value) values('ppp-unlimited','Service-Type',':=','Framed-User'); insert into radgroupreply (groupname,attribute,op,value) values('ppp-unlimited','Framed-MTU',':=','1500'); insert into radgroupreply (groupname,attribute,op,value) values('ppp-static','Framed-Compression',':=','Van-Jacobsen-TCP-IP'); insert into radgroupreply (groupname,attribute,op,value) values('ppp-static','Framed-Protocol',':=','PPP'); insert into radgroupreply (groupname,attribute,op,value) values('ppp-static','Service-Type',':=','Framed-User'); insert into radgroupreply (groupname,attribute,op,value) values('ppp-static','Framed-MTU',':=','1500'); insert into radgroupreply (groupname,attribute,op,value) values('nas-prompt','Framed-MTU',':=','1500'); insert into radgroupreply (groupname,attribute,op,value) values('nas-prompt','Framed-Compression',':=','Van-Jacobson-TCP-IP'); insert into radgroupreply (groupname,attribute,op,value) values('nas-prompt','Service-Type',':=','NAS-Prompt');
---8< cuthere >8---
Hope this helps.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html