Hi list, I have some problems with the mentioned message. COMPLETE MESSAGE : rad_recv: Access-Request packet from host MYIP port 2343, id=110, length=207 NAS-Port-Type = Ethernet Calling-Station-Id = "C4:2C:03:DA:11:44" Called-Station-Id = "station-DC" NAS-Port-Id = "ether2" User-Name = "8charword" NAS-Port = 2152726925 Acct-Session-Id = "8050018d" Framed-IP-Address = 10.128.6.99 Mikrotik-Host-IP = 10.128.6.99 User-Password = "!wayne#" Service-Type = Login-User WISPr-Logoff-URL = "" NAS-Identifier = "station-dc" NAS-IP-Address = MYIP Mikrotik-Realm = "myrealm" +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = "8charword", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop rlm_eap: No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns updated expand: %{User-Name} -> 8charword rlm_sql (sql): sql_set_user escaped user --> '8charword' rlm_sql (sql): Reserving sql socket id: 3 expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '8charword' ORDER BY id WARNING: Found User-Password == "...". WARNING: Are you sure you don't mean Cleartext-Password? WARNING: See "man rlm_pap" for more information. rlm_sql (sql): User found in radcheck table expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = '8charword' ORDER BY id expand: SELECT groupname FROM usergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM usergroup WHERE username = '8charword' ORDER BY priority expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'mygroup' ORDER BY id rlm_sql (sql): User found in group mygroup expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'mygroup' ORDER BY id rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair ++[dailycounter] returns noop ++[expiration] returns noop rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair ++[cardscounter] returns noop ++[pap] returns updated rad_check_password: Found Auth-Type !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Replacing User-Password in config items with Cleartext-Password. !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!! Please update your configuration so that the "known good" !!! !!! clear text password is in Cleartext-Password, and not in User-Password. !!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! auth: type "PAP" +- entering group PAP rlm_pap: login attempt with password "!wayne#" rlm_pap: No password configured for the user. Cannot do authentication ++[pap] returns fail auth: Failed to validate the user. Login incorrect: [8charword/!wayne#] (from client station-DC port 2152726925 cli C4:2C:03:DA:11:44) Found Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> 8charword attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 110 to MYIP port 2343 Waking up in 4.9 seconds. Cleaning up request 0 ID 110 with timestamp +18 Ready to process requests. END OF MESSAGE MY ENTRIES : -radcheck +----+----------+-----------+----+---------+ | id | username | attribute | op | value | +----+----------+-----------+----+---------+ | 3 | 8charword| Password | == | !wayne# | +----+----------+-----------+----+---------+ - usergroup +----------+------------+----------+----+ | username | groupname | priority | id | +----------+------------+----------+----+ | 8charword| mygroup| 1 | 3 | +----------+------------+----------+----+ - radgroupcheck (I know I should not force Auth-Type, but without I get anoter error, and it worked for years on our old server) +----+------------+-----------+----+-------+ | id | groupname | attribute | op | value | +----+------------+-----------+----+-------+ | 1 | mygroup| Auth-Type | := | Local | +----+------------+-----------+----+-------+ - radgroupreply +----+------------+---------------------+----+------------+------+ | id | groupname | attribute | op | value | prio | +----+------------+---------------------+----+------------+------+ | 27 | mygroup| Mikrotik-Rate-Limit | = | 512k/4096k | 0 | +----+------------+---------------------+----+------------+----- When I replace 8charword with a username with 5 or less characters everything is fine. Can someone help me ? Thanx Wayne
|
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
