do you think its even checking the mysql database? did you try to run freeradius with -xx option? by the way the op field should be := shouldnt it ?
Evren On Tue, 10 Dec 2002, Mike Paneth wrote: > > I have got FR 0.8 & MySQL up and running on > LINUX 8, but I cannot authenticate. Where am > I going wrong? > > Mike Paneth > > I issue the following test message > [root@Psyche root]# radtest root emptar1 > localhost 0 testing123 > > and get the following response > > Sending Access-Request of id 197 to > 127.0.0.1:1812 > User-Name = "root" > User-Password = > "\303\343W\035W\376\372\016\277\315\311x\220\341\255-" > NAS-IP-Address = Psyche > NAS-Port = 0 > rad_recv: Access-Accept packet from host > 127.0.0.1:1812, id=197, length=20 > [root@Psyche root]# radtest bob bobbob > localhost 0 testing123 > Sending Access-Request of id 201 to > 127.0.0.1:1812 > User-Name = "bob" > User-Password = > "\272-\207W\306\206\372\316\200\214\202q\002WeQ" > NAS-IP-Address = Psyche > NAS-Port = 0 > rad_recv: Access-Reject packet from host > 127.0.0.1:1812, id=201, length=20 > > The user bob has been set up on MySQL > mysql> select * from radcheck; > +----+----------+-----------+--------+------+ > | id | UserName | Attribute | Value | op | > +----+----------+-----------+--------+------+ > | 1 | bob | password | bobbob | NULL | > +----+----------+-----------+--------+------+ > 1 row in set (0.00 sec) > > mysql> select * from radacct; > Empty set (0.00 sec) > > mysql> select * from usergroup; > +----+----------+-----------+ > | id | UserName | GroupName | > +----+----------+-----------+ > | 1 | bob | dynamic | > +----+----------+-----------+ > 1 row in set (0.00 sec) > > Looking at the FR dialog I get the following. > > rad_recv: Access-Request packet from host > 127.0.0.1:32769, id=201, length=55 > User-Name = "bob" > User-Password = "bobbob" > NAS-IP-Address = 255.255.255.255 > NAS-Port = 0 > modcall: entering group authorize > modcall[authorize]: module "preprocess" > returns ok > rlm_realm: No '@' in User-Name = "bob", > looking up realm NULL > rlm_realm: No such realm NULL > modcall[authorize]: module "suffix" returns > noop > radius_xlat: 'bob' > rlm_sql (sql): sql_set_user escaped user --> > 'bob' > radius_xlat: 'SELECT > id,UserName,Attribute,Value,op FROM radcheck > WHERE Username = 'bob' ORDER BY id' > rlm_sql (sql): Reserving sql socket id: 0 > rlm_sql: The 'op' field for attribute > 'password = bobbob' is NULL, or non-existent. > rlm_sql: You MUST FIX THIS if you want the > configuration to behave as you expect. > radius_xlat: 'SELECT > >radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op > FROM radgroupcheck,usergroup WHERE > usergroup.Username = 'bob' AND > usergroup.GroupName = radgroupcheck.GroupName > ORDER BY radgroupcheck.id' > radius_xlat: 'SELECT > id,UserName,Attribute,Value,op FROM radreply > WHERE Username = 'bob' ORDER BY id' > radius_xlat: 'SELECT > >radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op > FROM radgroupreply,usergroup WHERE > usergroup.Username = 'bob' AND > usergroup.GroupName = radgroupreply.GroupName > ORDER BY radgroupreply.id' > rlm_sql (sql): Released sql socket id: 0 > modcall[authorize]: module "sql" returns ok > users: Matched DEFAULT at 152 > modcall[authorize]: module "files" returns ok > modcall: group authorize returns ok > rad_check_password: Found Auth-Type System > auth: type "System" > modcall: entering group authenticate > modcall[authenticate]: module "unix" > returns notfound > modcall: group authenticate returns notfound > auth: Failed to validate the user. > Delaying request 4 for 1 seconds > Finished request 4 > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
