For some reason, the hints file doesn't seem to get honored when a user
with an entry the sql database is trying to authenticate on my system.
Here's my hints file:
DEFAULT Suffix = ".ppp", Strip-User-Name = Yes
Hint = "PPP",
Service-Type = Framed-User,
Framed-Protocol = PPP,
Fall-Through = Yes
DEFAULT Suffix = ".roaming", Strip-User-Name = Yes
Hint = "PPP",
Service-Type = Framed-User,
Framed-Protocol = PPP,
Fall-Through = Yes
It doesn't seem to be authenticating properly if the realm is specified
either, even though the realm is specified in the realms file.
huntgroups is being honored, so it would appear that preprocess is
being used.
This is debug output from an attempt with the realm name, the debug output
from an attempt with .ppp suffix is the next one below this.
rad_recv: Access-Request packet from host 192.168.1.20:2465, id=96, length=82
User-Name = "[EMAIL PROTECTED]"
User-Password = "<snipped>"
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-IP-Address = 192.168.1.20
NAS-Port = 0
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm cloud9.net for User-Name =
"[EMAIL PROTECTED]"
rlm_realm: Found realm cloud9.net
rlm_realm: Adding Stripped-User-Name = "foo"
rlm_realm: Proxying request from user foo to realm cloud9.net
rlm_realm: Adding Realm = "cloud9.net"
rlm_realm: Authentication realm is LOCAL.
rlm_realm: auth_port is not set. proxy cancelled
modcall[authorize]: module "suffix" returns noop
radius_xlat: '[EMAIL PROTECTED]'
sql_set_user: escaped user --> '[EMAIL PROTECTED]'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = '[EMAIL PROTECTED]' ORDER BY id'
rlm_sql: Reserving sql socket id: 4
rlm_sql: User [EMAIL PROTECTED] not found
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username =
'[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName
ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username =
'[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName
ORDER BY radgroupreply.id'
sql_set_user: escaped user --> 'DEFAULT'
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'DEFAULT' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'DEFAULT' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql: DEFAULT not found
rlm_sql: Released sql socket id: 4
modcall[authorize]: module "sql" returns notfound
huntgroups: Matched local at 50
users: Matched DEFAULT at 19
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
rad_lowerpair: Stripped-User-Name now 'foo'
rad_rmspace_pair: Stripped-User-Name now 'foo'
rad_rmspace_pair: User-Password now 'BAR'
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "suffix" returns noop
radius_xlat: '[EMAIL PROTECTED]'
sql_set_user: escaped user --> '[EMAIL PROTECTED]'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = '[EMAIL PROTECTED]' ORDER BY id'
rlm_sql: Reserving sql socket id: 3
rlm_sql: User [EMAIL PROTECTED] not found
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username =
'[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName
ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username =
'[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName
ORDER BY radgroupreply.id'
sql_set_user: escaped user --> 'DEFAULT'
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'DEFAULT' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'DEFAULT' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql: DEFAULT not found
rlm_sql: Released sql socket id: 3
modcall[authorize]: module "sql" returns notfound
huntgroups: Matched local at 50
users: Matched DEFAULT at 19
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
.ppp in the username:
rad_recv: Access-Request packet from host 192.168.1.20:2558, id=225, length=75
User-Name = "foo.ppp"
User-Password = "<snipped>"
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-IP-Address = 192.168.1.20
NAS-Port = 0
modcall: entering group authorize
hints: Matched DEFAULT at 27
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm NULL for User-Name = "foo"
rlm_realm: Found realm NULL
rlm_realm: Setting Stripped-User-Name = "foo"
rlm_realm: Proxying request from user foo to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
rlm_realm: auth_port is not set. proxy cancelled
modcall[authorize]: module "suffix" returns noop
radius_xlat: 'foo.ppp'
sql_set_user: escaped user --> 'foo.ppp'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'foo.ppp' ORDER BY id'
rlm_sql: Reserving sql socket id: 3
rlm_sql: User foo.ppp not found
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'foo.ppp' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'foo.ppp' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
sql_set_user: escaped user --> 'DEFAULT'
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'DEFAULT' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'DEFAULT' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql: DEFAULT not found
rlm_sql: Released sql socket id: 3
modcall[authorize]: module "sql" returns notfound
huntgroups: Matched local at 50
users: Matched DEFAULT at 19
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
rad_lowerpair: Stripped-User-Name now 'foo'
rad_rmspace_pair: Stripped-User-Name now 'foo'
rad_rmspace_pair: User-Password now 'BAR'
modcall: entering group authorize
hints: Matched DEFAULT at 27
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Request already proxied. Ignoring.
modcall[authorize]: module "suffix" returns noop
radius_xlat: 'foo.ppp'
sql_set_user: escaped user --> 'foo.ppp'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = 'foo.ppp' ORDER BY id'
rlm_sql: Reserving sql socket id: 2
rlm_sql: User foo.ppp not found
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'foo.ppp' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'foo.ppp' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
sql_set_user: escaped user --> 'DEFAULT'
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'DEFAULT' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'DEFAULT' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql: DEFAULT not found
rlm_sql: Released sql socket id: 2
modcall[authorize]: module "sql" returns notfound
huntgroups: Matched local at 50
users: Matched DEFAULT at 19
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Delaying request 5 for 1 seconds
Finished request 5
Going to the next request
--
Mark P. Hennessy [EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
