Hi again,
I want to know what I making wrong. I have an MSSQL database and it's working great. Now I want to tweak my setup with including some attribute in group. But it's seems that rlm_sql didn't go see groupcheck or groupreply. I also put read_groups = yes in mssql.conf Here is my database and debut output usergroup 1,"guillaume","dynamic" 2,"jacques","dynamic" Radcheck 1,"guillaume","Cleartext-Password","xxxxxx",":=" 2,"jacques","Cleartext-Password","xxxxx",":=" Radreply 5, ,"guillaume","Fall-Through","Yes","=" Radgroupcheck 2,"dynamic","Expiration","""4 april 2008""",":=" Radgroupreply 1,"dynamic","Framed-Compression","Van-Jacobsen-TCP-IP",":=",0 2,"dynamic","Framed-Protocol","PPP",":=",0 3,"dynamic","Service-Type","Framed-User",":=",0 4,"dynamic","Framed-MTU","1500",":=",0 rad_recv: Access-Request packet from host 172.20.50.202 port 1088, id=49, length=249 Message-Authenticator = 0xacf874dd95a5e7a44477ebe85628c2d2 Service-Type = Framed-User User-Name = "guillaume\000" Framed-MTU = 1488 State = 0x937fe8889b4ef1e0c024c3839183ef26 Called-Station-Id = "00-0F-3D-AB-1C-07:testGuillaume" Calling-Station-Id = "00-0E-35-99-F3-E9" NAS-Identifier = "D-Link Access Point" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x023100261900170301001b37f64ad3eba1ecf9db603f2431312964a27e49ca72e0f0d1 588d99 NAS-IP-Address = 172.20.50.202 NAS-Port = 1 NAS-Port-Id = "STA port # 1" +- entering group authorize ++[preprocess] returns ok expand: %{User-Name} -> guillaume rlm_sql (sql): sql_set_user escaped user --> 'guillaume' rlm_sql (sql): Reserving sql socket id: 2 expand: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'guillaume' ORDER BY id query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'guillaume' ORDER BY id rlm_sql (sql): User found in radcheck table expand: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'guillaume' ORDER BY id query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'guillaume' ORDER BY id rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok ++? if (ok) ? Evaluating "ok" -> TRUE ++? if (ok) -> TRUE ++- entering if (ok) +++[control] returns ok ++- if (ok) returns ok rlm_eap: EAP packet type response id 49 length 38 rlm_eap: Continuing tunnel setup. ++[eap] returns ok ++[expiration] returns noop ++[logintime] returns noop rad_check_password: Found Auth-Type EAP auth: type "EAP" +- entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Success rlm_eap: Freeing handler ++[eap] returns ok Sending Access-Accept of id 49 to 172.20.50.202 port 1088 MS-MPPE-Recv-Key = 0xc65d46cf1ee515a044585d7158c6c0dd39d183728c7541316f1171f701729069 MS-MPPE-Send-Key = 0x338d0bb6e1edd84602c3795eb3dc12da8e04b1b85dd988013a7e621e3f40399a EAP-Message = 0x03310004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "guillaume" Finished request 9. Going to the next request Thank ---------------------------- Guillaume Chartrand
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html