Re: sending Access-request, Access-Reject
On 05/12/2010 08:01 PM, dorra aa wrote: hi can someone help me in that i add a users : abc cleartext-password:="123" It's right there in the debug output users: Matched entry DEFAULT at line 153 users: Matched entry abc at line 216 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 > rlm_pap: Found existing Auth-Type, not changing it. rad_check_password: Found Auth-Type System > modcall[authenticate]: module "unix" returns notfound for request 0 It shouldn't be using an auth-type of "System", that means to lookup the user in the /etc/passwd (/etc/shadow) file. But you don't have a user on your system named "abc" so the not found result makes sense, right? Why is it trying to find "abc" amongst the unix users on your system? The answer is right above, look at the lines labeled "users:", that's your users file, also look at the line that says "Found Auth-Type, not changing it". So somthing in your users file forced the user "abc" to have an Auth-Type of "system" or "unix", it also tells you which lines in the users files it matched. Go fix your users file so it doesn't do that. I'm guessing in your attempts to get things working you may have mangled the example users file, you might want to start with the unaltered users file and just add your test user. All this is documented in the link I sent you a week ago: http://deployingradius.com/documents/configuration/pap.html -- John Dennis Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
sending Access-request, Access-Reject
hi can someone help me in that i add a users : abc cleartext-password:="123" and i run freeradius -X after that i do: r...@pfe-laptop:/home/pfe# radtest abc 123 localhost 1812 testing123 Sending Access-Request of id 48 to 127.0.0.1 port 1812 User-Name = "abc" User-Password = "123" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=48, length=20 and this is the output of deamon: Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:41804, id=48, length=55 User-Name = "abc" User-Password = "123" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "abc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 153 users: Matched entry abc at line 216 modcall[authorize]: module "files" returns ok for request 0 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns notfound for request 0 modcall: leaving group authenticate (returns notfound) for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 48 to 127.0.0.1 port 41804 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 48 with timestamp 4beb3ff9 Nothing to do. Sleeping until we see a request. _ Hotmail: Free, trusted and rich email service. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html