"Jason Lixfeld" <[EMAIL PROTECTED]> wrote: > With this configuration, the username is stripped as it should be, but I > get the following error in the log: ... > radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE > Username = '[EMAIL PROTECTED]' ORDER BY id'
That's most likely the problem. You're NOT telling the SQL query to use the Stripped-User-Name, if it's available. See the sql.conf file distributed with the server for comments on how to set up the 'sql_user_name' configuration item. > After reading Scott Bartlett's Freeradius & MySQL tutorial at > http://www.frontios.com/freeradius.html, I made the following change in > my sql.conf: I commented out the sql_user_name = "%{User-Name}" line and > uncommented the line above which reads: sql_user_name = > "%{Stripped-User-Name}"; > > Once I made that configuration change, my user that failed previously > was working fine, but now all my other users which do not use realms to > authenticate now fail. Yes, because that's exactly what you told it to do: Never look at the User-Name attribute, even if it's there. > I'm quite stumped and not too sure what to try next. Any assistance is > appreciated. Read the sql.conf file distributed with the latest version of the server. It has examples. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
