Hello all, WARNING LONG WINDED
I have changed from postgres to mysql for freeradius. This has solved the import user problem I was having. :) I am now having a problem with freeradius rejecting legitimate users. I have set it up follow instructions on this site http://www.frontios.com/freeradius.html. I started freeradius with "-xx" to look at what happening. ############################# .... Thread 5 waiting to be assigned a request rad_recv: Access-Request packet from host 127.0.0.1:32792, id=41, length=54 Thread 1 assigned request 0 SMUX connect try 2 Can't connect to SNMP agent with SMUX: Connection refused --- Walking the entire request list --- Threads: total/active/spare threads = 5/1/4 Nothing to do. Sleeping until we see a request. Thread 1 handling request 0, (1 handled so far) User-Name = "smoke" User-Password = "\346\307\375nl\350"\023)\226\202\321\350\n\253" NAS-IP-Address = 255.255.255.255 NAS-Port-Id = "0" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_realm: Looking up realm NULL for User-Name = "smoke" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop radius_xlat: 'smoke' sql_set_user: escaped user --> 'smoke' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'smoke' ORDER BY id' rlm_sql: Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'smoke' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'smoke' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'smoke' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' radius_xlat: 'SELECT Value,Attribute FROM radcheck WHERE UserName = 'smoke' AND ( Attribute = 'User-Password' OR Attribute = 'Password' OR Attribute = 'Crypt-Password' ) ORDER BY Attribute DESC' rlm_sql: Released sql socket id: 4 modcall[authorize]: module "sql" returns ok users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type "System" <--------WHAT IS THIS????? auth: Failed to validate the user. Login incorrect: [smoke/kwon12] (from client localhost port 0) Delaying request 0 for 1 seconds Finished request 0 Going to the next request Thread 1 waiting to be assigned a request rad_recv: Access-Request packet from host 127.0.0.1:32792, id=41, length=54 Sending Access-Reject of id 41 to 127.0.0.1:32792 Cisco-Idle-Limit = 1200 Cisco-Maximum-Channels = 1 SMUX connect try 3 Can't connect to SNMP agent with SMUX: Connection refused --- Walking the entire request list --- Threads: total/active/spare threads = 5/0/5 Waking up in 3 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 41 with timestamp 3d52cb56 Nothing to do. Sleeping until we see a request. MASTER: exit on signal (2) [root@eros raddb]# #################################### It seems to be trying to use the database. And I can run a manual queries on the database just with the user 'smoke' with out problem. I have sql in the authorize section of radiusd.conf in between suffix and files. These three things with the addition of preprocess are all that is not commented out of this section. The authenticate section has nothing uncommented in it. I tried to put 'sql' in there but get this "radiusd.conf: "SQL" modules aren't allowed in 'authenticate' sections -- they have no such method." The accounting section has sql in it. Is there anything I need to do to the user file or make changes to the radiusd.conf file. I want all users to be in the database only. Thanks for the help, rick - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
