subject:"\"RE\\\: Re\\\: freeradius 1.1.1 and mysql issues\""

Re: Re: freeradius 1.1.1 and mysql issues

2006-06-01 Thread A . L . M . Buxey

Hi,

> I have tried reordering the elements in the radiusd.conf file so that the 
> database is tried first, and then commented out the section to check the 
> users file, and I am still having the same issues.
> 
> Here is the output again:
> 
> modcall: leaving group authorize (returns updated) for request 0
>   rad_check_password:  Found Auth-Type Local
> auth: type Local
> auth: No User-Password or CHAP-Password attribute in the request
^^^


> auth: Failed to validate the user.
> Login incorrect: [simon/] (from client 
> linksys-434 port 56 cli 0013ce29c6d7)
^^

check the logs when you run NTRadPing etc - it looks like the linksys isnt 
sending all it needs
to send.

alan
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: RE: Re: freeradius 1.1.1 and mysql issues

2006-06-01 Thread simon

There is a password in the database (in the radcheck table) associated with 
the username.  I am also supplying both the username and password on my laptop 
as I am trying to connect.  I currently have the Auth-Type being set (:=) to 
Local in the radgroupcheck table.  I believe this should all be set up 
properly.  

Simon

>>>  modcall[authorize]: module "sql" returns ok for request 0
>>>modcall: leaving group authorize (returns updated) for request 0
>>>  rad_check_password:  Found Auth-Type Local
>>>auth: type Local
>>>auth: No User-Password or CHAP-Password attribute in the request
>>>auth: Failed to validate the user.
>>>Login incorrect: [simon/] (from client
>>linksys->434 port 56 cli 0013ce29c6d7)
>>
>>There is no password ? Is that okay?
>>
>>You can set Auth-Type to Accept if the user is found in sql !
>>If that is what you actually want.
>>
>>Regards,
>>
>>Edvin
>>
>>
>>- 
>>List info/subscribe/unsubscribe? See 
>>http://www.freeradius.org/list/users.html
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Re: freeradius 1.1.1 and mysql issues

2006-06-01 Thread Seferovic Edvin

>  modcall[authorize]: module "sql" returns ok for request 0
>modcall: leaving group authorize (returns updated) for request 0
>  rad_check_password:  Found Auth-Type Local
>auth: type Local
>auth: No User-Password or CHAP-Password attribute in the request
>auth: Failed to validate the user.
>Login incorrect: [simon/] (from client
linksys->434 port 56 cli 0013ce29c6d7)

There is no password ? Is that okay?

You can set Auth-Type to Accept if the user is found in sql !
If that is what you actually want.

Regards,

Edvin


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Re: freeradius 1.1.1 and mysql issues

2006-06-01 Thread simon

Hi,

I have tried reordering the elements in the radiusd.conf file so that the 
database is tried first, and then commented out the section to check the users 
file, and I am still having the same issues.

Here is the output again:

Ready to process requests.
rad_recv: Access-Request packet from host 10.10.1.1:1320, id=0, length=123
User-Name = "simon"
NAS-IP-Address = 10.10.1.1
Called-Station-Id = "0014bff3dac8"
Calling-Station-Id = "0013ce29c6d7"
NAS-Identifier = "0014bff3dac8"
NAS-Port = 56
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020a0173696d6f6e
Message-Authenticator = 0x68b3f01e605eb032281dd6c99dfd9e52
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "simon", looking up realm NULL
rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 0 length 10
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
radius_xlat:  'simon'
rlm_sql (sql): sql_set_user escaped user --> 'simon'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op   FROM 
radcheck   WHERE Username = 'simon'   ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op   FROM 
radcheckWHERE Username = 'simon'   ORDER BY id
radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'simon' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'simon' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op   FROM 
radreply   WHERE Username = 'simon'   ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op   FROM 
radreplyWHERE Username = 'simon'   ORDER BY id
radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
  FROM radgroupreply,usergroup WHERE usergroup.Username = 'simon' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
  FROM radgroupreply,usergroup WHERE usergroup.Username = 'simon' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module "sql" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login incorrect: [simon/] (from client linksys-434 
port 56 cli 0013ce29c6d7)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 0 to 10.10.1.1 port 1320
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 447ef7e2
Nothing to do.  Sleeping until we see a request.


As before, it still authenticates perfectly when I try it with either NTRadPing 
or radtest.

Thanks again,

Simon


>hi,
>
>you say it works okay with NTRadPing and that when you use an entry in users 
>file it works...however
>in the log you supplied its still matching an entry in the users file - and 
>the server is then
>happy to use that matching entry rather than one in the DB. the log you posted 
>also shows that it
>is attempting to use the files method...and that the match told it to use 
>Local authentication..the
>database query is then superfluous.
>
>alan
>- 
>List info/subscribe/unsubscribe? See 
>http://www.freeradius.org/list/users.html
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: freeradius 1.1.1 and mysql issues

RE: RE: Re: freeradius 1.1.1 and mysql issues

RE: Re: freeradius 1.1.1 and mysql issues

RE: Re: freeradius 1.1.1 and mysql issues

4 matches

Site Navigation

Mail list logo

Footer information