Scott Reed wrote:
I have searched the archive and came close to figuring this out, but I have not
Don't start your query as part of another thread please.
Configuration tables:
1 USERGROUP
2 80 sreed MS1-AP1
3 76 treed MS1-AP1
4 78 sreed Router-Admin
5 79 treed Router-Admin
6 81 dreed Router-Admin
7
8 RADCHECK
9 331 dreed User-Password == password
10 269 treed User-Password == password
11 267 sreed User-Password == password
This should be ":=" for User-Password. If the match is failing, that may
be the issue.
12
13 RADGROUPCHECK
14 31 Router-Admin Service-Type == Login-User
15 28 MS1-AP1 Service-Type == Framed-User
16
17 RADREPLY
18 33 sreed Fall-Through = yes
19 43 treed Fall-Through = yes
20
21 RADGROUPREPLY
22 33 MS1-AP1 Port-Limit = 128k 15
23 34 Router-Admin Mikrotik-Group = full 10
24 39 Router-Admin Fall-Through = Yes 10
25 37 MS1-AP1 Fall-Through = Yes 15
I don't think Fall-Through does anything in rlm_sql. What are you
expecting it to do?
rad_recv: Access-Request packet from host 192.168.100.13:1201, id=166, length=83
Service-Type = Login-User
User-Name = "treed"
User-Password = "password"
Calling-Station-Id = "192.168.100.240"
NAS-Identifier = "HotSpot"
NAS-IP-Address = 192.168.100.13
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: No '@' in User-Name = "treed", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
radius_xlat: 'treed'
rlm_sql (sql): sql_set_user escaped user --> 'treed'
rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'treed' ORDER BY id
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'treed' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
What is the result of this query if you execute it directly against the
database?
rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = 'treed' ORDER BY id
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'treed' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.prio
Again, what does this query give against the database?
rlm_sql (sql): No matching entry in the database for request from user [treed]
This error code is returned if the check items don't match the request.
Possibly take a look in:
src/modules/rlm_sql/rlm_sql.c
...around line 860 (depending on the version you're running) and
uncomment these lines:
/*
* Uncomment these lines for debugging
* Recompile, and run 'radiusd -X'
*/
/*
DEBUG2("rlm_sql: check items");
vp_listdebug(check_tmp);
DEBUG2("rlm_sql: reply items");
vp_listdebug(reply_tmp);
*/
...then recompile and run again.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html