Re[2]: No Authentication

2003-02-04 Thread Pavel S. Shirshov 
Hello Simon,

Tuesday, February 4, 2003, 6:34:02 PM, you wrote:

>> May be to faq this question?

SW> It's in the

SW> www.frontios.com/freeradius.html

I'm not see direct solution here. I had this problem with db, i'm read
www.frontios.com, www.google.com, etc, but does'nt solve problem.
Alan helped to solve this problem.

Maybe in /raddb/users place string,
DEFAULT Auth-Type := System
Fall-Through = 1

instead
DEFAULT Auth-Type := System
Fall-Through = 1


Or does commented out solution for db?

Or insert to faq! (Sounds right for me)

Sorry for bad English.


-- 
Best regards,
 Pavelmailto:[EMAIL PROTECTED]


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re[2]: No Authentication

2003-02-04 Thread Pavel S. Shirshov 
Hello Simon,

Tuesday, February 4, 2003, 1:44:21 PM, you wrote:

SW> 04-Feb-03 at 01:19, Robert Canary ([EMAIL PROTECTED]) wrote :
>>   modcall[authorize]: module "sql" returns ok

SW> The SQL part is working

>>   users: Matched DEFAULT at 152
>> modcall[authorize]: module "files" returns ok
>> modcall: group authorize returns ok

SW> Files is also ready to authenticate after authorization

>>   rad_check_password:  Found Auth-Type System
>>   auth: type "System"

SW> Now, the auth type is System. Aha! That means it won't authenticate
SW> against SQL but the /etc/passwd or /etc/shadow file...

>>   modcall: entering group authenticate
>> modcall[authenticate]: module "unix" returns notfound

SW> There is no user in the system files 

>> modcall: group authenticate returns notfound
>> auth: Failed to validate the user.

SW> Read what it is telling you...

SW> You need Auth-Type Local returned by your SQL DB.

May be to faq this question?


-- 
Best regards,
 Pavelmailto:[EMAIL PROTECTED]


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re[2]: problem with postgresql 7.2 + freeradius (latest cvs)

2003-01-29 Thread Pavel S. Shirshov 
Hello Alan,

Tuesday, January 28, 2003, 3:29:12 PM, you wrote:

AD>   The SQL module doesn't do authentication, and it isn't rejecting the
AD> user.

AD>   Read the log message you posted to the list.  The Unix module is
AD> doing the authentication, and is rejecting the user.

Ok. Thx. But auth configuration is very complex for me.


-- 
Best regards,
 Pavelmailto:[EMAIL PROTECTED]


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

problem with postgresql 7.2 + freeradius (latest cvs)

2003-01-28 Thread Pavel S. Shirshov 
Hello freeradius-users,

Sorry for Bad English.

Problem with auth from sql base - user rejected every time!

Content of database tables take from Scott Bartlett (www.frontios.com)
examples.
 
Fragment of radiusd.conf
---
authorize {
preprocess
chap
mschap
sql
suffix
files
} 
---


 I uncommented lines 569 - 572 in rlm_sql.c with code:

   DEBUG2("rlm_sql:  check items");
   vp_listdebug(check_tmp);
   DEBUG2("rlm_sql:  reply items");
   vp_listdebug(reply_tmp);

   and get result in log. In log user found and reply for user is
   available. But user rejected!??

--
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local/etc/raddb/proxy.conf
Config:   including file: /usr/local/etc/raddb/clients.conf
Config:   including file: /usr/local/etc/raddb/snmp.conf
Config:   including file: /usr/local/etc/raddb/postgresql.conf
 main: prefix = "/usr/local"
 main: localstatedir = "/usr/local/var"
 main: logdir = "/usr/local/var/log/radius"
 main: libdir = "/usr/local/lib"
 main: radacctdir = "/usr/local/var/log/radius/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/usr/local/var/log/radius/radius.log"
 main: log_auth = yes
 main: log_auth_badpass = yes
 main: log_auth_goodpass = yes
 main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
 main: user = "(null)"
 main: group = "(null)"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/local/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = yes
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr 
Module: Instantiated expr (expr) 
Module: Loaded PAP 
 pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap) 
Module: Loaded CHAP 
Module: Instantiated chap (chap) 
Module: Loaded MS-CHAP 
 mschap: ignore_password = no
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: passwd = "(null)"
 mschap: authtype = "MS-CHAP"
Module: Instantiated mschap (mschap) 
Module: Loaded System 
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix) 
Module: Loaded preprocess 
 preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
 preprocess: hints = "/usr/local/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess) 
Module: Loaded SQL 
 sql: driver = "rlm_sql_postgresql"
 sql: server = "xxx.xxx.xxx"
 sql: port = ""
 sql: login = "radius"
 sql: password = ""
 sql: radius_db = "radius"
 sql: acct_table = "radacct"
 sql: acct_table2 = "radacct"
 sql: authcheck_table = "radcheck"
 sql: authreply_table = "radreply"
 sql: groupcheck_table = "radgroupcheck"
 sql: groupreply_table = "radgroupreply"
 sql: usergroup_table = "usergroup"
 sql: nas_table = "nas"
 sql: dict_table = "dictionary"
 sql: sqltrace = yes
 sql: sqltracefile = "/usr/local/var/log/radius/sqltrace.sql"
 sql: deletestalesessions = yes
 sql: num_sql_socks = 5
 sql: sql_user_name = "%{User-Name}"
 sql: default_user_profile = ""
 sql: query_on_not_found = no
 sql: authorize_check_query = "SELECT id,UserName,Attribute,Value,Op FROM radcheck 
WHERE Username = '%{SQL-User-Name}' ORDER BY id"
 sql: authorize_reply_query = "SELECT id,UserName,Attribute,Value,Op FROM radreply 
WHERE Username = '%{SQL-User-Name}' ORDER BY id"
 sql: authorize_group_check_query = "SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
 FROM radgroupcheck,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id"
 sql: authorize_group_reply_query = "SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,r

Re: fr cvs and PostgreSQL

2003-01-27 Thread Pavel S. Shirshov 
Hello Guillermo,

Monday, January 27, 2003, 10:30:03 PM, you wrote:


GS> Hi, I would like to exchange some experiences with somebody using 
GS> freeradius with PostgreSQL.

GS> That's because I'm having problems (I lose some records) and don't know 
GS> what to do. So I want to compare my setup which someone else's.

I'm using freeradius+postgres now. But my English is bad. I'm ready
for infos exchange with you.

-- 
Best regards,
 Pavelmailto:[EMAIL PROTECTED]


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html