Re: problems with users after upgrading...
thanks Chris. I deleted the old files and started over. it took some redoing but it works fine now. thanks for all your help. Quoting Aamer Akhter ([EMAIL PROTECTED]): > Chris, > > still problems. can you also CC me on the reply directly? I have to cut and past >from the > archive currently.. > > > > At 11:27 AM 5/10/2002 -0400, Aamer Akhter wrote: > >Hello, > > > >I just make the newest freeradius with the default settings, and something > >seems to have changed. Under the old freeradius this was working fine. > What version are you upgrading from? > > : from 0.1 > > >Here is the output from -X: > > > >rad_recv: Access-Request packet from host 10.13.0.41:1645, id=109, length=79 > > User-Name = "as" > > Password = "\331\257\\\025\337\025\341\036\n\367\016syc\374j" > > NAS-Port = 130 > > NAS-Port-Type = Virtual > > Calling-Station-Id = "10.13.0.254" > > Service-Type = Login-User > > NAS-IP-Address = 3640-PE-EAST-1 > >modcall: entering group authorize > > modcall[authorize]: module "preprocess" returns ok > > modcall[authorize]: module "suffix" returns ok > >Invalid operator for item : reverting to '==' > >Invalid operator for item : reverting to '==' > > Those should be fixed. > > : note that 0.1 isn't complaining about them. and i'm not really sure which lines >the above > : is complaining about. how do i find out? > > > modcall[authorize]: module "files" returns notfound > >modcall: group authorize returns ok > >auth: No Auth-Type configuration for the request, rejecting the user > > That's the problem. Module 'files' returned 'notfound', so it didn't > match the username for some reason. > > >smartbits Auth-Type := Local > > Password == "xxx", > > > These should all be on one line. > > :fixed > > >any ideas on what my next step should be? > > Perhaps you could try putting a blank line between each of the one-line > user entries you have at the bottom of the users file? > > :fixed > > i've attached the complete users file time time. maybe i'm missing something major >here > > > -- > Aamer Akhter / [EMAIL PROTECTED] > NSITE - cisco Systems > > lab Auth-Type == Local, Password == "xxx", Cisco-AVPair == >"shell:priv-lvl=0", Fall-Through = no > > #set console timeout be 20min > DEFAULT NAS-Port == 0, Idle-Timeout == 20, Cisco-Idle-Limit == 20, >Fall-Through = yes > > smartbits Auth-Type := Local, Password == "xxx", Cisco-AVPair == >"shell:priv-lvl=0", Fall-Through = no > > DEFAULT Auth-Type := System, Service-Type == Login-user, Fall-Through >= 1, Cisco-AVPair == "priv-lvl=15" > > # Reply-Message = "NSITE MPLS test network" > > cw2k Auth-Type := Local, Password == "xxx" > > aakhter-scriptAuth-Type := Local, Password == "xxx" > > rymcmaho-script Auth-Type := Local, Password == "xxx" > > mbrown-script Auth-Type := Local, Password == "xxx" > > jguy-script Auth-Type := Local, Password == "xxx" > > rajiva-script Auth-Type := Local, Password == "xxx" > > asharma-script Auth-Type := Local, Password == "xxx" > > jmcglaug-script Auth-Type := Local, Password == "xxx" > > rrajamon-script Auth-Type := Local, Password == "xxx" > > vpnsc Auth-Type := Local, Password == "xxx" > > mbAuth-Type := Local, Password == "mb" > > jguy Auth-Type := Local, Password == "jg" > > raAuth-Type := Local, Password == "ra" > > rmAuth-Type := Local, Password == "rm" > > asAuth-Type := Local, Password == "as" > > rkAuth-Type := Local, Password == "rk" > > ssaran Auth-Type := Local, Password == "ssaran" > > vlimAuth-Type := Local, Password == "vlim" > > aaAuth-Type := Local, Password == "aa" > > fbovy Auth-Type := Local, Password == "fbovy" > > > DEFAULT Auth-Type == Pam > > > # On no match, the user is denied access. -- Aamer Akhter / [EMAIL PROTECTED] NSITE - cisco Systems - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problems with users after upgrading...
At 05:56 PM 5/10/2002 -0400, Aamer Akhter wrote: >Chris, > >still problems. can you also CC me on the reply directly? I have to cut >and past from the >archive currently.. > > > >At 11:27 AM 5/10/2002 -0400, Aamer Akhter wrote: > >Hello, > > > >I just make the newest freeradius with the default settings, and something > >seems to have changed. Under the old freeradius this was working fine. >What version are you upgrading from? > >: from 0.1 Wow, there have been a *lot* of changes since 0.1 There are many things in 'radiusd.conf' that have changed ( such as default values, and configuration options ). You'll probably want to re-install of the *.conf files from the current source and merge in your specific changes. > >Invalid operator for item : reverting to '==' > >Invalid operator for item : reverting to '==' > >Those should be fixed. > >: note that 0.1 isn't complaining about them. and i'm not really sure >which lines the above >: is complaining about. how do i find out? Not sure, you could try to run 'radiusd -x -x -x'. I thought that it would give you line numbers in the debug, hmmm. >i've attached the complete users file time time. maybe i'm missing >something major here There have been some significant changes since 0.1, that are not fully backwards compatible. I'd try to start over with the current config files and port your local options to them. I'd also recommend deleting all of the '/usr/local/lib/rlm_*' libraries to ensure you are using the most recent ones. Good luck. -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problems with users after upgrading...
Chris, still problems. can you also CC me on the reply directly? I have to cut and past from the archive currently.. At 11:27 AM 5/10/2002 -0400, Aamer Akhter wrote: >Hello, > >I just make the newest freeradius with the default settings, and something >seems to have changed. Under the old freeradius this was working fine. What version are you upgrading from? : from 0.1 >Here is the output from -X: > >rad_recv: Access-Request packet from host 10.13.0.41:1645, id=109, length=79 > User-Name = "as" > Password = "\331\257\\\025\337\025\341\036\n\367\016syc\374j" > NAS-Port = 130 > NAS-Port-Type = Virtual > Calling-Station-Id = "10.13.0.254" > Service-Type = Login-User > NAS-IP-Address = 3640-PE-EAST-1 >modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > modcall[authorize]: module "suffix" returns ok >Invalid operator for item : reverting to '==' >Invalid operator for item : reverting to '==' Those should be fixed. : note that 0.1 isn't complaining about them. and i'm not really sure which lines the :above : is complaining about. how do i find out? > modcall[authorize]: module "files" returns notfound >modcall: group authorize returns ok >auth: No Auth-Type configuration for the request, rejecting the user That's the problem. Module 'files' returned 'notfound', so it didn't match the username for some reason. >smartbits Auth-Type := Local > Password == "xxx", These should all be on one line. :fixed >any ideas on what my next step should be? Perhaps you could try putting a blank line between each of the one-line user entries you have at the bottom of the users file? :fixed i've attached the complete users file time time. maybe i'm missing something major here -- Aamer Akhter / [EMAIL PROTECTED] NSITE - cisco Systems lab Auth-Type == Local, Password == "xxx", Cisco-AVPair == "shell:priv-lvl=0", Fall-Through = no #set console timeout be 20min DEFAULT NAS-Port == 0, Idle-Timeout == 20, Cisco-Idle-Limit == 20, Fall-Through = yes smartbits Auth-Type := Local, Password == "xxx", Cisco-AVPair == "shell:priv-lvl=0", Fall-Through = no DEFAULT Auth-Type := System, Service-Type == Login-user, Fall-Through = 1, Cisco-AVPair == "priv-lvl=15" # Reply-Message = "NSITE MPLS test network" cw2kAuth-Type := Local, Password == "xxx" aakhter-script Auth-Type := Local, Password == "xxx" rymcmaho-script Auth-Type := Local, Password == "xxx" mbrown-script Auth-Type := Local, Password == "xxx" jguy-script Auth-Type := Local, Password == "xxx" rajiva-script Auth-Type := Local, Password == "xxx" asharma-script Auth-Type := Local, Password == "xxx" jmcglaug-script Auth-Type := Local, Password == "xxx" rrajamon-script Auth-Type := Local, Password == "xxx" vpnsc Auth-Type := Local, Password == "xxx" mb Auth-Type := Local, Password == "mb" jguyAuth-Type := Local, Password == "jg" ra Auth-Type := Local, Password == "ra" rm Auth-Type := Local, Password == "rm" as Auth-Type := Local, Password == "as" rk Auth-Type := Local, Password == "rk" ssaran Auth-Type := Local, Password == "ssaran" vlimAuth-Type := Local, Password == "vlim" aa Auth-Type := Local, Password == "aa" fbovy Auth-Type := Local, Password == "fbovy" DEFAULT Auth-Type == Pam # On no match, the user is denied access.
Re: problems with users after upgrading...
At 11:27 AM 5/10/2002 -0400, Aamer Akhter wrote: >Hello, > >I just make the newest freeradius with the default settings, and something >seems to have changed. Under the old freeradius this was working fine. What version are you upgrading from? >Here is the output from -X: > >rad_recv: Access-Request packet from host 10.13.0.41:1645, id=109, length=79 > User-Name = "as" > Password = "\331\257\\\025\337\025\341\036\n\367\016syc\374j" > NAS-Port = 130 > NAS-Port-Type = Virtual > Calling-Station-Id = "10.13.0.254" > Service-Type = Login-User > NAS-IP-Address = 3640-PE-EAST-1 >modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > modcall[authorize]: module "suffix" returns ok >Invalid operator for item : reverting to '==' >Invalid operator for item : reverting to '==' Those should be fixed. > modcall[authorize]: module "files" returns notfound >modcall: group authorize returns ok >auth: No Auth-Type configuration for the request, rejecting the user That's the problem. Module 'files' returned 'notfound', so it didn't match the username for some reason. >smartbits Auth-Type := Local > Password == "xxx", These should all be on one line. >any ideas on what my next step should be? Perhaps you could try putting a blank line between each of the one-line user entries you have at the bottom of the users file? -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problems with users after upgrading...
Hello, I just make the newest freeradius with the default settings, and something seems to have changed. Under the old freeradius this was working fine. Here is the output from -X: rad_recv: Access-Request packet from host 10.13.0.41:1645, id=109, length=79 User-Name = "as" Password = "\331\257\\\025\337\025\341\036\n\367\016syc\374j" NAS-Port = 130 NAS-Port-Type = Virtual Calling-Station-Id = "10.13.0.254" Service-Type = Login-User NAS-IP-Address = 3640-PE-EAST-1 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "suffix" returns ok Invalid operator for item : reverting to '==' Invalid operator for item : reverting to '==' modcall[authorize]: module "files" returns notfound modcall: group authorize returns ok auth: No Auth-Type configuration for the request, rejecting the user auth: Failed to validate the user. Login incorrect: [as] (from client 3640-PE-EAST-1 port 130 cli 10.13.0.254) Sending Access-Reject of id 109 to 10.13.0.41:1645 Finished request 0 from the startup: Module: Loaded files files: usersfile = "/etc/raddb/users" files: acctusersfile = "/etc/raddb/acct_users" files: compat = "no" Module: Instantiated files (files) radiusd: FreeRADIUS Version 0.6, for host i686-pc-linux-gnu, built on May 10 2002 at 11:01:07 users file: DEFAULT NAS-Port == 0 Idle-Timeout = 20, Cisco-Idle-Limit = 20, Fall-Through = yes smartbits Auth-Type := Local Password == "xxx", Cisco-AVPair = "shell:priv-lvl=0", Fall-Through = no DEFAULT Auth-Type := System Service-Type = Login-user, # Reply-Message = "NSITE MPLS test network", Fall-Through = 1, Cisco-AVPair = "priv-lvl=15" mb Auth-Type := Local, Password == "mb" ra Auth-Type := Local, Password == "ra" rm Auth-Type == Local, Password == "rm" as Auth-Type := Local, Password == "as" rk Auth-Type := Local, Password == "rk" any ideas on what my next step should be? -- Aamer Akhter / [EMAIL PROTECTED] NSITE - cisco Systems - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html