Hi All I still have problem in huntgroup with Freeradius 1.0.1 and little investigate about it.
In the 1st, I add 'auth_log' setting at authorize section in 'radiusd.conf' file for collect more information. In the 2nd, I chheck current User information at our MySQL server by using SQL Query which describe sql.conf. |SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute, |radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE |usergroup.Username='test1' AND usergroup.GroupName = radgroupcheck.GroupName |ORDER BY radgroupcheck.id; |+----+-----------+----------------+---------+----+ || id | GroupName | Attribute | Value | op | |+----+-----------+----------------+---------+----+ || 2 | dynamic | Huntgroup-Name | dynamic | == | |+----+-----------+----------------+---------+----+ |mysql> select * from radcheck where UserName='test1'; |+----+----------+-----------+----+-------+ || id | UserName | Attribute | op | Value | |+----+----------+-----------+----+-------+ || 1 | test1 | Password | == | pass1 | |+----+----------+-----------+----+-------+ |1 row in set (0.00 sec) # /usr/local/etc/raddb/huntgroups -------------------------------------------- static NAS-IP-Address == 127.0.0.1 dynamic NAS-IP-Address == 127.0.0.1 In the Last, I start Freeradius with debug mode (-sxxf) and query. (But rejected) |svr3# /usr/local/bin/radtest test1 pass1 localhost 0 secret ppp 127.0.0.1 |Sending Access-Request of id 243 to 127.0.0.1:1645 | User-Name = "test1" | User-Password = "pass1" | NAS-IP-Address = 127.0.0.1 | NAS-Port = 0 | Framed-Protocol = PPP |rad_recv: Access-Reject packet from host 127.0.0.1:1645, id=243, length=20 "auth-detail" file says, radius treat 'test1' user as Group=static. (Actually, 'dynamic') |Packet-Type = Access-Request |Thu Nov 18 11:52:22 2004 | User-Name = "test1" | User-Password = "pass1" | NAS-IP-Address = 127.0.0.1 | NAS-Port = 0 | Framed-Protocol = PPP | Service-Type = Framed-User | Client-IP-Address = 127.0.0.1 | Huntgroup-Name = "static" Below is radius detail log. I hope someone's kindly help. --------------------------------------------------------------------------- rad_recv: Access-Request packet from host 127.0.0.1:54456, id=239, length=65 User-Name = "test1" User-Password = "pass1" NAS-IP-Address = 127.0.0.1 NAS-Port = 0 Framed-Protocol = PPP Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 rlm_realm: No '@' in User-Name = "test1", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 radius_xlat: '/var/log/radacct/auth-detail-20041118' rlm_detail: /var/log/radacct/auth-detail-%Y%m%d expands to /var/log/radacct/auth-detail-20041118 modcall[authorize]: module "auth_log" returns ok for request 0 modcall[authorize]: module "attr_filter" returns noop for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 users: Matched DEFAULT at 12 users: Matched DEFAULT at 18 modcall[authorize]: module "files" returns ok for request 0 radius_xlat: 'masaru1' rlm_sql (sql): sql_set_user escaped user --> 'test1' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'test1' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'test1' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): No matching entry in the database for request from user [test1] rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns notfound for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type Local auth: type Local auth: No password configured for the user auth: Failed to validate the user. Processing the post-auth section of radiusd.conf modcall: entering group Post-Auth-Type for request 0 radius_xlat: '/var/log/radacct/reply-detail-20041118' --------------------------------------------------------------------------- (end) On Mon, 15 Nov 2004 23:10:21 +0900 Masaru Yoshihama <[EMAIL PROTECTED]> wrote: > Hi All, > > I have been to use FreeRadius 0.9.1 while a year and would like to > upgtade to ver 1.0.1. What i need to modfy setting is only Dictionary > section. New version FreeRadius 1.0.1 works smoothly expect huntgroup > settings. > > I setup FreeRadius with MySQL relationship at FreeBSD 5.3 Release. > Below is my settings. > > mysql> select * from radcheck; > +----+----------+-----------+----+-------+ > | id | UserName | Attribute | op | Value | > +----+----------+-----------+----+-------+ > | 1 | test1 | Password | == | pass1 | > | 2 | test2 | Password | == | pass2 | > +----+----------+-----------+----+-------+ > > mysql> select * from usergroup; > +----+----------+-----------+ > | id | UserName | GroupName | > +----+----------+-----------+ > | 1 | test1 | dynamic | > | 2 | test2 | static | > +----+----------+-----------+ > > mysql> select * from radgroupcheck; > +----+-----------+----------------+----+---------+ > | id | GroupName | Attribute | op | Value | > +----+-----------+----------------+----+---------+ > | 1 | static | Huntgroup-Name | == | static | > | 2 | dynamic | Huntgroup-Name | == | dynamic | > +----+-----------+----------------+----+---------+ > > # /usr/local/etc/raddb/huntgroups > -------------------------------------------- > static NAS-IP-Address == 127.0.0.1 > dynamic NAS-IP-Address == 127.0.0.1 > > I am checking behavior with below command. > > /usr/local/bin/radtest test1 pass1 localhost 0 secret123 ppp 127.0.0.1 > /usr/local/bin/radtest test2 pass2 localhost 0 secret123 ppp 127.0.0.1 > > When I use ver 0.9.1, it work properly( Each result is Accepted). But if > i use ver 1.0.1, 1st query is Accepted and 2nd query is Denied.It seemes > that only 1st row of huntgroup is proseeding normally, But the rest row > is not processing. > > For the confirmation, I try to change huntgroups row (1st and 2nd) and > query again. 1st query(User test1) rejected and 2nd query(User test2) > accepted. What things possible to cause this problems? I thirst any > information. > > > -- > ---------------------------------------- > Masaru Yoshihama Email: [EMAIL PROTECTED] > Okinawa FreeBSD Users Group http://www.ofug.net/ > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ---------------------------------------- Masaru Yoshihama Email: [EMAIL PROTECTED] Okinawa FreeBSD Users Group http://www.ofug.net/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html