RE: hints file somehow not processed against users in sql database?

2002-08-21 Thread Ryan Troy 

Mark,

We have it working, here is our hints file

DEFAULT Suffix = @domain.com, Strip-User-Name = Yes
Realm = @domain.com

DEFAULT Prefix = ppp#, Strip-User-Name = Yes

For the suffix we also have this in the proxy.conf

realm domain.com {
type= radius 
authhost= LOCAL
accthost= LOCAL
secret  = testing123
nostrip
}

Also in sql.conf Line 112 look for User-Name we had to change this to 
SQL-User-Name.

Our radius.conf looks like this:

authorize {
preprocess
suffix
files
}

authenticate {
unix
}

preacct {
preprocess
suffix
files
}

accounting {
detail
unix
radutmp
}

session {
   sql
}

I hope this helps.

- Ryan

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Mark
Hennessy
Sent: Wednesday, August 21, 2002 9:10 AM
To: [EMAIL PROTECTED]
Subject: Re: hints file somehow not processed against users in sql
database?

I fixed this.

I did the following:
 in sql.conf:
I uncommented:

sql_user_name = %{Stripped-User-Name:-%{User-Name:-none}}

and commented out:

sql_user_name = %{User-Name}

causing Stripped-User-Name to be checked as well against the sql
database.

In radiusd.conf:
I added
suffix
in the preprocess section right before the hints file is specified so
that
a hinted username can be properly stripped if it is also realmed.

username.ppp@domain wouldn't work before.

--
 Mark P. Hennessy
[EMAIL PROTECTED]

On Wed, 21 Aug 2002, Mark Hennessy wrote:

 Date: Wed, 21 Aug 2002 10:20:39 -0400 (EDT)
 From: Mark Hennessy [EMAIL PROTECTED]
 Reply-To: [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: hints file somehow not processed against users in sql
database?

 For some reason, the hints file doesn't seem to get honored when a
user
 with an entry the sql database is trying to authenticate on my system.

 Here's my hints file:

 DEFAULT Suffix = .ppp, Strip-User-Name = Yes
 Hint = PPP,
 Service-Type = Framed-User,
 Framed-Protocol = PPP,
 Fall-Through = Yes

 DEFAULT Suffix = .roaming, Strip-User-Name = Yes
 Hint = PPP,
 Service-Type = Framed-User,
 Framed-Protocol = PPP,
 Fall-Through = Yes

 It doesn't seem to be authenticating properly if the realm is
specified
 either, even though the realm is specified in the realms file.

 huntgroups is being honored, so it would appear that preprocess is
 being used.

 This is debug output from an attempt with the realm name, the debug
output
 from an attempt with .ppp suffix is the next one below this.

 rad_recv: Access-Request packet from host 192.168.1.20:2465, id=96,
length=82
 User-Name = [EMAIL PROTECTED]
 User-Password = snipped
 Service-Type = Framed-User
 Framed-Protocol = PPP
 NAS-IP-Address = 192.168.1.20
 NAS-Port = 0
 modcall: entering group authorize
   modcall[authorize]: module preprocess returns ok
 rlm_realm: Looking up realm cloud9.net for User-Name =
 [EMAIL PROTECTED]
 rlm_realm: Found realm cloud9.net
 rlm_realm: Adding Stripped-User-Name = foo
   rlm_realm: Proxying request from user foo to realm cloud9.net
 rlm_realm: Adding Realm = cloud9.net
 rlm_realm:  Authentication realm is LOCAL.
 rlm_realm:  auth_port is not set.  proxy cancelled
   modcall[authorize]: module suffix returns noop
 radius_xlat:  '[EMAIL PROTECTED]'
 sql_set_user:  escaped user -- '[EMAIL PROTECTED]'
 radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE
 Username = '[EMAIL PROTECTED]' ORDER BY id'
 rlm_sql: Reserving sql socket id: 4
 rlm_sql: User [EMAIL PROTECTED] not found
 radius_xlat:  'SELECT

radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgrou
pcheck.Value,radgroupcheck.op
 FROM radgroupcheck,usergroup WHERE usergroup.Username =
 '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName
 ORDER BY radgroupcheck.id'
 radius_xlat:  'SELECT

radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrou
preply.Value,radgroupreply.op
 FROM radgroupreply,usergroup WHERE usergroup.Username =
 '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName
 ORDER BY radgroupreply.id'
 sql_set_user:  escaped user -- 'DEFAULT'
 radius_xlat:  'SELECT

radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgrou
pcheck.Value,radgroupcheck.op
 FROM radgroupcheck,usergroup WHERE usergroup.Username = 'DEFAULT' AND
 usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id'
 radius_xlat:  'SELECT

radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrou
preply.Value,radgroupreply.op
 FROM radgroupreply,usergroup WHERE usergroup.Username = 'DEFAULT' AND
 usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id'
 rlm_sql: DEFAULT not found
 rlm_sql: Released sql socket id: 4
   modcall[authorize]: module sql returns

mysql and simultanious logins

2002-05-04 Thread Ryan Troy 

Quick question, we are running freeradius 0.5 and mysql and we are
having a problem with simultaneous logins, our database is setup like
this:

Radgroupcheck table:
id  GroupName  AttributeValue  op  
1   DEFAULT  Simultaneous-Use   2:= 

We keep getting errors like this:

Fri May  3 10:13:04 2002 : Auth: Multiple logins (max 1) : [username]
(from nas UNKNOWN-NAS port 109)

But the user is not logged in; we have tested it locally and the same
thing. Changing the Value to 20 or 30 seems to fix the problem. 

Any suggestions would be great..

Thanks,

Ryan



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

A couple quick questions

2002-04-24 Thread Ryan Troy 

Is it possible to read NAS from a mysql database? I see the tables are
commented out in the .sql file but I didn't know if it was possible.

Also is it possible to store radius.log in the mysql database?


Best Regards,

Ryan Troy
Screaming Internet, Inc
Voice: 970-870-0495
Toll Free: 866-727-3261
http://www.screaminet.com



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html