Hi Vector, It sounds like you are on the right track and probably pretty close.
The problem is probably in either your 'radiusd.conf' file or your 'users' file. In my radiusd.conf file, I use: authorize { preprocess # counter attr_filter suffix files sql } authenticate { sql } In my users file, I have the following: DEFAULT Auth-Type := Sql Fall-Through = 1 The important bit (I think) is to have 'files' before 'sql' in the authorize section so that the "Auth-Type" gets set to 'Sql' in your 'users' file. Hope this helps. Vector wrote: > First off, many thanks to Alan and others for their efforts! > > I have freeradius working against the md5 passwords in shadow. So I moved > on to the next step of getting it to work in MySQL. I read the man pages, > config files, docs, etc... I also read every single message in the archives > that had 'sql' in the title and went through the page at the following URL > which was most helpful in getting started: > http://www.frontios.com/freeradius.html. Forgive me if I'm just being dense > on this...it's been a long week. > > Now on to the problem. The following is a snip from "radiusd -xx -s" and > shows the parameters used in sql.conf with some substitued out for generic > stuff to protect the innocent. The only wierdness here that I can see is > port="" but since it appears to eventually establish the connection, I'm > guessing it really knows what port to use. > > _____________ BEGIN SNIP ______________ > Module: Loaded SQL > sql: driver = "rlm_sql_mysql" > sql: server = "localhost" > sql: port = "" > sql: login = "root" > sql: password = "youwish" > sql: radius_db = "radius" > sql: acct_table = "radacct" > sql: acct_table2 = "radacct" > sql: authcheck_table = "radcheck" > sql: authreply_table = "radreply" > sql: groupcheck_table = "radgroupcheck" > sql: groupreply_table = "radgroupreply" > sql: usergroup_table = "usergroup" > sql: nas_table = "nas" > sql: dict_table = "dictionary" > sql: sqltrace = yes > sql: sqltracefile = "/var/log/radius/sqltrace.sql" > sql: deletestalesessions = yes > sql: num_sql_socks = 5 > sql: sql_user_name = "%{Stripped-User-Name}" > _____________ END SNIP ______________ > ...... > bunch of stuff from other Modules, which all looked OK > ...... > > Now here is a snip from an incoming request after the server has said > "Sleeping until we see a request.": > > _____________ BEGIN SNIP ______________ > rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:yyyy, id=34, > length=80 > NAS-IP-Address = xxx.xxx.xxx.xxx > NAS-Port = 66 > NAS-Port-Type = Virtual > User-Name = "testuser" > Calling-Station-Id = "xxx.xxx.xxx.xxx" > Password = "<normal escaped character sequences, etc...>" > rad_rmspace_pair: User-Name now 'testuser' > rad_rmspace_pair: Password now 'testpass' > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > modcall[authorize]: module "suffix" returns ok > rlm_sql: Reserving sql socket id: 4 > radius_xlat: '' > rlm_sql: Released sql socket id: 4 > modcall[authorize]: module "sql" returns fail > modcall: group authorize returns fail > There was no response configured: rejecting request 8 > Server rejecting request 8. > Sending Access-Reject of id 34 to xxx.xxx.xxx.xxx:yyyy > Finished request 8 > Going to the next request > --- Walking the entire request list --- > Waking up in 6 seconds... > --- Walking the entire request list --- > Cleaning up request 8 ID 34 with timestamp 3c771525 > Nothing to do. Sleeping until we see a request. > ______________ END SNIP _______________ > > So what's the problem? It doesn't look like any SQL queries are getting > executed. The sqltrace.sql file never shows up in the log directory where > it is supposed to be (I'm guessing because it never get's to that point). > It reserves the socket and immediately releases after debug output shows > radius_xlat: '' > > All the traces I've seen in other peoples messages have lots of interesting > stuff in them like queries and the like. I've check the db uid, pwd, db > name, and every other parameter I can think of but still nothing. > > Also, I've placed into the schema that comes with 0.4 source, some test data > similar to the references in the URL at the top of this section. I've also > manually executed the queries found in sql.conf and they appear to return > the right values (assuming I know what the right values are). I get the > same thing whether I'm using radtest or the actual NAS I'm using. Any > suggestions? Thanks so much for your time and for reading (or at least > scanning) all this! > > vec > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html