On Sat, 9 Sep 2006, Alan DeKok wrote: |->Keith Woodworth <[EMAIL PROTECTED]> wrote: |->> Anyway here is the error: |->> |->> radiusd.conf: "PAP" modules aren't allowed in 'authorize' sections -- they |->> have no such method. |-> |-> That's in 1.1.3. In 2.0, that is allowed.
That error was from 1.1.2, now I'm running 1.1.3. |->> And while Radius seems to send an Access-Accept, the dialup user gets an |->> error 691 password invalid. |-> |-> Because you're not sending the same reply attributes as in the |->previous example. Fix that. |-> |->> Again I get Access-Accept, but a 691 password error on the client side. |-> |-> Again because the replies are empty. Which table do the replys come from? In the debug: radius_xlat: 'tester' rlm_sql (sql): sql_set_user escaped user --> 'tester' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'tester' ORDER BY id' Here is the select from radcheck, which has the user tester in it. rlm_sql (sql): Reserving sql socket id: 2 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'tester' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'tester' ORDER BY id' Radreply is populated, but the username tester is not listed there, so no match obvioiusly. radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'tester' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns ok for request 2 modcall: leaving group authorize (returns ok) for request 2 auth: type Crypt Sending Access-Accept of id 130 to 204.244.99.67 port 1645 So where to put the reply items? Should I not be using a default entry to reply to all users that authenticate? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html