subject:"\"RE\\\\\\\: proxy.conf problem\""

Re: proxy.conf problem

2003-09-21 Thread Alan DeKok

"Mustafa N. deeb" <[EMAIL PROTECTED]> wrote:
> Having this configured already in proxy.conf, why do I have to configure
> the users file?

  Configure *what* in the 'users' file?

> >From what I saw from debug, the realm module recognizes the realm, but
> when 
> The authorize module reaches "sql", it adds back the full (non-stripped
> username) and it fails b/c as you said, for sql it is a different
> username

  That's what the configuration files are for.  Read 'sql.conf'.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: proxy.conf problem

2003-09-21 Thread Mustafa N. deeb

Hi Alan


It worked, like this


I just changed proxy.conf to do this

Instead of 

Realm DOMAIN {
Type= radius
Authhost = LOCAL
Accthost = LOCAL
strip

}

I did

Realm DOMAIN {
Type=radius
Authhost= localhost:1812
Accthost = localhost:1813
Secret = whatever
strip

}

and now it is working

do you think this is right ?


CHeers

   

>"Mustafa N. deeb" <[EMAIL PROTECTED]> wrote:
> Below is the debug of 2 attempts, the first is successful and the
other
> is not

 > So compare the two, to see what the differences are.
>
 > You do realize that the two usernames "test" and "[EMAIL PROTECTED]" are
>different, don't you?  The 'users' file keys on the username, so
>you've got to somehow make those two different usernames the same.

 > Hint: look for the 'strip' and/or 'nostrip' option in the proxy
>configuration.

> I'm using ntradping for testing

>  I'm surprised that 'radtest', which comes with the server, is
>inadequate.

>  Alan DeKok.





- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: proxy.conf problem

2003-09-20 Thread Mustafa N. deeb

Hi


Having this configured already in proxy.conf, why do I have to configure
the users file?

Realm DOMAIN {
Type = radius
authhost = LOCAL
accthost = LOCAL
Strip
}

Is this something standard in radius servers, I've worked with cistron
and icradius, and I usually did it by just adding LOCAL to the realm
file



>From what I saw from debug, the realm module recognizes the realm, but
when 
The authorize module reaches "sql", it adds back the full (non-stripped
username) and it fails b/c as you said, for sql it is a different
username



radtest it does the job, but ntradping have nicer interface


cheers



>"Mustafa N. deeb" <[EMAIL PROTECTED]> wrote:
> Below is the debug of 2 attempts, the first is successful and the
other
> is not

 > So compare the two, to see what the differences are.
>
 > You do realize that the two usernames "test" and "[EMAIL PROTECTED]" are
>different, don't you?  The 'users' file keys on the username, so
>you've got to somehow make those two different usernames the same.

 > Hint: look for the 'strip' and/or 'nostrip' option in the proxy
>configuration.

> I'm using ntradping for testing

>  I'm surprised that 'radtest', which comes with the server, is
>inadequate.

>  Alan DeKok.





- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: proxy.conf problem

2003-09-20 Thread Alan DeKok

"Mustafa N. deeb" <[EMAIL PROTECTED]> wrote:
> Below is the debug of 2 attempts, the first is successful and the other
> is not

  So compare the two, to see what the differences are.

  You do realize that the two usernames "test" and "[EMAIL PROTECTED]" are
different, don't you?  The 'users' file keys on the username, so
you've got to somehow make those two different usernames the same.

  Hint: look for the 'strip' and/or 'nostrip' option in the proxy
configuration.

> I'm using ntradping for testing

  I'm surprised that 'radtest', which comes with the server, is
inadequate.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: proxy.conf problem

2003-09-20 Thread Mustafa N. deeb

20 2003 : Debug: Thread 2 handling request 1, (1
handled so far)
User-Name = "[EMAIL PROTECTED]"
User-Password = "136110"
Sat Sep 20 15:26:20 2003 : Debug: modcall: entering group authorize
Sat Sep 20 15:26:20 2003 : Debug:   modcall[authorize]: module
"preprocess" returns ok
Sat Sep 20 15:26:20 2003 : Debug: radius_xlat:  '[EMAIL PROTECTED]'
Sat Sep 20 15:26:20 2003 : Debug: rlm_sql (sql): sql_set_user escaped
user --> '[EMAIL PROTECTED]'
Sat Sep 20 15:26:20 2003 : Debug: radius_xlat:  'SELECT
id,UserName,Attribute,Value,op FROM radcheck WHERE Username =
'[EMAIL PROTECTED]' ORDER BY id'
Sat Sep 20 15:26:20 2003 : Debug: rlm_sql (sql): Reserving sql socket
id: 7
Sat Sep 20 15:26:20 2003 : Debug: rlm_sql (sql): User [EMAIL PROTECTED]
not found in radcheck
Sat Sep 20 15:26:20 2003 : Debug: radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgrou
pcheck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
Sat Sep 20 15:26:20 2003 : Debug: radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrou
preply.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE
usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
Sat Sep 20 15:26:20 2003 : Debug: rlm_sql (sql): User [EMAIL PROTECTED]
not found in radgroupcheck
Sat Sep 20 15:26:20 2003 : Debug: rlm_sql (sql): User not found
Sat Sep 20 15:26:20 2003 : Debug: rlm_sql (sql): Released sql socket id:
7
Sat Sep 20 15:26:20 2003 : Debug:   modcall[authorize]: module "sql"
returns notfound
Sat Sep 20 15:26:20 2003 : Debug: rlm_sqlcounter: Entering module
authorize code
Sat Sep 20 15:26:20 2003 : Debug: rlm_sqlcounter: Could not find Check
item value pair
Sat Sep 20 15:26:20 2003 : Debug:   modcall[authorize]: module
"noresetcounter" returns noop
Sat Sep 20 15:26:20 2003 : Debug: rlm_sqlcounter: Entering module
authorize code
Sat Sep 20 15:26:20 2003 : Debug: rlm_sqlcounter: Could not find Check
item value pair
Sat Sep 20 15:26:20 2003 : Debug:   modcall[authorize]: module
"dailyresetcounter" returns noop
Sat Sep 20 15:26:20 2003 : Debug: rlm_realm: No '/' in User-Name =
"[EMAIL PROTECTED]", looking up realm NULL
Sat Sep 20 15:26:20 2003 : Debug: rlm_realm: Found realm "NULL"
Sat Sep 20 15:26:20 2003 : Debug: rlm_realm: Adding
Stripped-User-Name = "[EMAIL PROTECTED]"
Sat Sep 20 15:26:20 2003 : Debug: rlm_realm: Proxying request from
user [EMAIL PROTECTED] to realm NULL
Sat Sep 20 15:26:20 2003 : Debug: rlm_realm: Adding Realm = "NULL"
Sat Sep 20 15:26:20 2003 : Debug: rlm_realm: Authentication realm is
LOCAL.
Sat Sep 20 15:26:20 2003 : Debug:   modcall[authorize]: module
"realmslash" returns noop
Sat Sep 20 15:26:20 2003 : Debug: rlm_realm: Request already
proxied.  Ignoring.
Sat Sep 20 15:26:20 2003 : Debug:   modcall[authorize]: module "suffix"
returns noop
Sat Sep 20 15:26:20 2003 : Debug: modcall: group authorize returns ok
Sat Sep 20 15:26:20 2003 : Debug: auth: No authenticate method
(Auth-Type) configuration found for the request: Rejecting the user
Sat Sep 20 15:26:20 2003 : Debug: auth: Failed to validate the user.
Sat Sep 20 15:26:20 2003 : Auth: Login incorrect:
[EMAIL PROTECTED]/PROTECTED] (from client mustafa port 0)
Sat Sep 20 15:26:20 2003 : Debug: Delaying request 1 for 1 seconds
Sat Sep 20 15:26:20 2003 : Debug: Finished request 1
Sat Sep 20 15:26:20 2003 : Debug: Going to the next request
Sat Sep 20 15:26:20 2003 : Debug: Thread 2 waiting to be assigned a
request
Sat Sep 20 15:26:21 2003 : Debug: --- Walking the entire request list
---
Sat Sep 20 15:26:21 2003 : Debug: Waking up in 1 seconds...
Sat Sep 20 15:26:22 2003 : Debug: --- Walking the entire request list
---
Sending Access-Reject of id 1 to 192.116.17.51:1883
Sat Sep 20 15:26:22 2003 : Debug: Waking up in 4 seconds...
Sat Sep 20 15:26:26 2003 : Debug: --- Walking the entire request list
---
Sat Sep 20 15:26:26 2003 : Debug: Cleaning up request 1 ID 1 with
timestamp 3f6c476c
Sat Sep 20 15:26:26 2003 : Debug: Nothing to do.  Sleeping until we see
a request.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Wednesday, September 17, 2003 4:54 PM
To: [EMAIL PROTECTED]
Subject: Re: proxy.conf problem 

"Mustafa N. deeb" <[EMAIL PROTECTED]> wrote:
> So far I'm able to authenticate users with any problems, but if I use
> [EMAIL PROTECTED] it doesn't
>  
> "user" is ok
> [EMAIL PROTECTED]-> LOCAL doesn't authenticate,

  Have you tried running it in debugging mode, as suggested in the
FAQ, README's, and multiple other places?

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: proxy.conf problem

2003-09-17 Thread Alan DeKok

"Mustafa N. deeb" <[EMAIL PROTECTED]> wrote:
> So far I'm able to authenticate users with any problems, but if I use
> [EMAIL PROTECTED] it doesn't
>  
> "user" is ok
> [EMAIL PROTECTED]-> LOCAL doesn't authenticate,

  Have you tried running it in debugging mode, as suggested in the
FAQ, README's, and multiple other places?

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: proxy.conf problem

RE: proxy.conf problem

RE: proxy.conf problem

Re: proxy.conf problem

RE: proxy.conf problem

Re: proxy.conf problem

6 matches

Site Navigation

Mail list logo

Footer information