At Wed, 26 Nov 2003 09:24:15 -0300,
Kevork wrote:
>
> > On Wed, Nov 26, 2003 at 02:48:53AM -0300, [EMAIL PROTECTED] wrote:
> > > Please, some one can giveme some idea about how get freeradius
> authenticate
> > > any request that comes from an specified NAS-IP ?.
> >
> > This
> > NAS-IP-Address == 1.2.3.4
> > Auth-Type := Accept
> > should do as radcheck.
> >
> > Oliver.
> >
> Oliver, thank you !, I tried this on table radchek, for user "DEFAULT" but
> no success,
> also tried creating a group for the user DEFAULT, and setting those A/V on
> radgroupcheck, and none ....
>
> This is from radius -X, I am sure that may help ... but I can not get where
> I have the problem:
>
> modcall: entering group authorize
> modcall[authorize]: module "preprocess" returns ok
> radius_xlat: 'tk'
> sql_set_user: escaped user --> 'tk'
> radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
> Username = 'tk' ORDER BY id'
> rlm_sql: Reserving sql socket id: 4
> rlm_sql: User tk not found
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
As you can see your sql query returns no records for this username.
One configuration that can work is:
in the users file put
DEFAULT NAS-IP-Address == 1.2.3.4, Auth-Type := Accept
DEFAULT Autz-Type := SQL1
in this order. Then in radiusd.conf in the authorize section
do
authorize {
....
Autz-Type SQL1{
sql1
}
#
# Read the 'users' file
files
....
}
Finally in the sql.conf
sql sql1 {
....
# Database type
# Current supported are: rlm_sql_mysql, rlm_sql_postgresql,
# rlm_sql_iodbc, rlm_sql_oracle, rlm_sql_unixodbc, rlm_sql_freetds
driver = "rlm_sql_oracle"
....
}
In this senario every user coming from NAS 1.2.3.4 will be accepted
and for the rest the sql authorization will take place.
> radius_xlat: 'SELECT
> radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
> ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
> usergroup.Username = 'tk' AND usergroup.GroupName = radgroupcheck.GroupName
> ORDER BY radgroupcheck.id'
> radius_xlat: 'SELECT
> radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
> ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
> usergroup.Username = 'tk' AND usergroup.GroupName = radgroupreply.GroupName
> ORDER BY radgroupreply.id'
> sql_set_user: escaped user --> 'DEFAULT'
> radius_xlat: 'SELECT
> radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
> ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
> usergroup.Username = 'DEFAULT' AND usergroup.GroupName =
> radgroupcheck.GroupName ORDER BY radgroupcheck.id'
> radius_xlat: 'SELECT
> radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
> ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
> usergroup.Username = 'DEFAULT' AND usergroup.GroupName =
> radgroupreply.GroupName ORDER BY radgroupreply.id'
> rlm_sql: Pairs do not match [DEFAULT]
> rlm_sql: Released sql socket id: 4
> modcall[authorize]: module "sql" returns notfound
> modcall: group authorize returns ok
> auth: No Auth-Type configuration for the request, rejecting the user
> auth: Failed to validate the user.
>
>
>
> Thank you again,
> Kevork.
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
======================================================
Kostas Zorbadelos
Currently at: Otenet IT Department
mailto: [EMAIL PROTECTED]
Out there in the darkness, out there in the night
out there in the starlight, one soul burns brighter
than a thousand suns.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
