How do I define and Auth-Type for the user? Is it the Attribute field in
my radcheck table? That has 'User-Password' for everyone in the system.
The Value field also has our 'radius password' for all users. I have
read some about the hints file...do I need to do something like this:
Default Prefix = "Cisco-AVPair", Strip-User-Name = Yes
Hint = "CISCO"
Auth-Type = Local
...Or am I totally on the wrong track here? Another idea is to create a
two separate 'radcheck' tables, one for Cisco Aps and one for Orinoco
APs. What do yall think of that (there must be an easier way)? When it
say "module sql returns notfound" what does that mean? Sorry for all
the questions, I really appreciate your help.
--Mike Hall
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulrich
Walcher
Sent: Tuesday, August 12, 2003 1:01 PM
To: [EMAIL PROTECTED]
Subject: RE: Cisco Aironet - MAC auth logs
"auth: user supplied User-Password matches local User-Password" says
that the user matches a password in raddb/users file. You are
authenticating -> yes, but against a password-file. Authorization is
done in this case via sql.
With the Cisco box you get an error message saying: "Pairs do not match
[00022d111111]". Unfortunately I can't tell you why...
and:
"auth: No Auth-Type configuration for the request, rejecting the user"
You have not defined an Auth-Type for the user. Uli
Am Die, 2003-08-12 um 15.32 schrieb Mike Hall:
> I am definitely authenticating against mysql!! I have been working
> with this system for over a year and it has worked great...if the
user's MAC
> isn't in there then they can't authenticate. Matches "local"
> User-Password :: Doesn't that tell you im authenticating? Please
> advise..
>
> Mike
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Ulrich
> Walcher
> Sent: Tuesday, August 12, 2003 3:11 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Cisco Aironet - MAC auth logs
>
>
> See the differnece?!
>
> > ******** Output of the ORINOCO from radiusd -X:
> > rlm_sql: Released sql socket id: 4
> > modcall[authorize]: module "sql" returns ok
> > modcall[authorize]: module "files" returns notfound
> > modcall: group authorize returns ok
> > auth: type Local
>
> Auth-Type := Local
>
> > auth: user supplied User-Password matches local User-Password
>
> Matches "local" User-Password
>
> > Sending Access-Accept of id 31 to XXX.XX.XX.XX:6001 Finished request
> > 1
>
>
>
> > ******** Output of the CISCO from radiusd -X:
> > rlm_sql: Pairs do not match [00022d111111]
>
> !!!!!
>
>
> > rlm_sql: Released sql socket id: 4
> > modcall[authorize]: module "sql" returns notfound
> > modcall[authorize]: module "files" returns notfound
> > modcall: group authorize returns ok
> > auth: No Auth-Type configuration for the request, rejecting the user
>
> No Auth-Type
>
> > auth: Failed to validate the user.
> > Delaying request 0 for 1 seconds
> > Finished request 0
>
> AFAIS you're not authenticating against mysql... in none of the two
> cases!
>
>
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
