RE: Weird issue regarding authentification...
> If you run the queries printed in debug output, what do you get returned? > Note to login to mysql as the same user that Radius uses ala: > mysql -u RADIUS_USER -p DBNAME The weird thing is that exactly the *same* database worked!! Check them out. > radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE > Username = 'mobius' ORDER BY id' > rlm_sql (sql): Reserving sql socket id: 1 mysql> SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'mobius' ORDER BY id; +-+--+---+--++ | id | UserName | Attribute | Value| op | +-+--+---+--++ | 931 | mobius | User-Password | mperf| := | +-+--+---+--++ 1 row in set (0.00 sec) > radius_xlat: 'SELECT > radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute, > radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE > usergroup.Username = 'mobius' AND usergroup.GroupName = > radgroupcheck.GroupName ORDER BY radgroupcheck.id' mysql> SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgrou pcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'mobius' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id; ++---+--+---++ | id | GroupName | Attribute| Value | op | ++---+--+---++ | 11 | PSTN | Auth-Type| Local | := | | 22 | PSTN | Pool-Name| main_pool | = | | 29 | PSTN | Simultaneous-Use | 1 | = | ++---+--+---++ 3 rows in set (0.01 sec) > radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE > Username = 'mobius' ORDER BY id' mysql> SELECT id,UserName,Attribute,Value,op FROM radreply WHERE UserName = "mobius" ORDER BY id; Empty set (0.00 sec) ** Note: I don't believe this to be a mistake, since most if not all the users don't have separate settings of their own but they get theirs from radgroupreply. > radius_xlat: 'SELECT > radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute, > radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE > usergroup.Username = 'mobius' AND usergroup.GroupName = > radgroupreply.GroupName ORDER BY radgroupreply.id' mysql> SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrou preply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'mobius' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id; ++---++-++ | id | GroupName | Attribute | Value | op | ++---++-++ | 10 | PSTN | Framed-Protocol| PPP | = | | 11 | PSTN | Framed-IP-Address | 255.255.255.254 | = | | 12 | PSTN | Framed-IP-Netmask | 255.255.255.255 | = | | 13 | PSTN | Framed-MTU | 1500| = | | 14 | PSTN | Framed-Compression | Van-Jacobson-TCP-IP | = | | 15 | PSTN | Idle-Timeout | 600 | = | | 44 | PSTN | NAS-Port-Type | Async | = | | 53 | PSTN | Port-Limit | 1 | = | | 54 | PSTN | Service-Type | Framed-User | = | ++---++-++ 9 rows in set (0.00 sec) This is pretty much it. I tried messing around with rlm_sql.c enabling the extra DEBUG2 messages but I am still searching...But after so many hours I am missing the half I am reading :-) Regards, m0bius - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Weird issue regarding authentification...
At 02:51 PM 12/8/2003, m0bius wrote: Hello people, I had a pretty good working configuration for the past month using FreeRadius with mySQL and Dialup Admin. However yesterday we had an enormous power failure and after some hours on running on the UPS the radius server was down. Today, at the morning however the server was up and running successfully. However at some point while I was tampering with some vendor specific attributes for our Lucents hell broke free. >From that point on I can not seem to get any user authentificated. I am constantly getting the error: rlm_sql (sql): No matching entry in the database for request from user [exuser]. I should point out that the database seems intact, (actually the sql queries done my radius are repeated by me successfully) and all tables and contents exist. If you run the queries printed in debug output, what do you get returned? Note to login to mysql as the same user that Radius uses ala: mysql -u RADIUS_USER -p DBNAME -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Weird issue regarding authentification...
Hello people, I had a pretty good working configuration for the past month using FreeRadius with mySQL and Dialup Admin. However yesterday we had an enormous power failure and after some hours on running on the UPS the radius server was down. Today, at the morning however the server was up and running successfully. However at some point while I was tampering with some vendor specific attributes for our Lucents hell broke free. >From that point on I can not seem to get any user authentificated. I am constantly getting the error: rlm_sql (sql): No matching entry in the database for request from user [exuser]. I should point out that the database seems intact, (actually the sql queries done my radius are repeated by me successfully) and all tables and contents exist. I've tried everything from reconfiguration, to fresh installation of radius on a new linux box. It seems like it cannot get the group the user exists and authentificate him. A failed connection follows as shown by radiusd -X: rad_recv: Access-Request packet from host 127.0.0.1:32769, id=224, length=53 Service-Type = Framed-User User-Name = "mobius" CHAP-Password = 0xe014cf9e7f9ea7ef95ea57eb50b9709dd1 modcall: entering group authorize for request 8 modcall[authorize]: module "preprocess" returns ok for request 8 radius_xlat: '/var/log/radius/radacct/127.0.0.1/auth-detail-20031208' rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/127.0.0.1/auth-detail-20031208 modcall[authorize]: module "auth_log" returns ok for request 8 rlm_chap: Setting 'Auth-Type := CHAP' modcall[authorize]: module "chap" returns ok for request 8 modcall[authorize]: module "mschap" returns noop for request 8 rlm_realm: No '@' in User-Name = "mobius", looking up realm NULL rlm_realm: Found realm "NULL" rlm_realm: Adding Stripped-User-Name = "mobius" rlm_realm: Proxying request from user mobius to realm NULL rlm_realm: Adding Realm = "NULL" rlm_realm: Preparing to proxy authentication request to realm "NULL" modcall[authorize]: module "suffix" returns updated for request 8 radius_xlat: 'mobius' rlm_sql (sql): sql_set_user escaped user --> 'mobius' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'mobius' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgrou pcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'mobius' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'mobius' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrou preply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'mobius' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): No matching entry in the database for request from user [mobius] rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns notfound for request 8 modcall[authorize]: module "mschap" returns noop for request 8 modcall: group authorize returns updated for request 8 There was no response configured: rejecting request 8 Server rejecting request 8. Finished request 8 I am running FreeRadius 0.9.3. *Please* people if anyone can help do so, because I've spend 10 hours on this thing and I am on the edge... Regards, m0bius P.S. Please note that the configuration used in this radiusd previously worked!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html