Hi ..
Radius Version = 0.9.2
Mysql Version = 4.0.20
Linux Redhat = Red Hat Enterprise Linux AS release 3 (Taroon Update 2)
I have tried authenticating users with user info in "users" file and
it works fine , however when i move the same info to mysql , it doesnt
work . Below are Mysql Tables and their contents used .
mysql> select * from usergroup ;
+----+----------+-----------+
| id | UserName | GroupName |
+----+----------+-----------+
| 3 | asghar | propel |
+----+----------+-----------+
mysql> select * from radcheck ;
+----+----------+-----------+----+--------+
| id | UserName | Attribute | op | Value |
+----+----------+-----------+----+--------+
| 5 | asghar | Password | == | asghar |
+----+----------+-----------+----+--------+
mysql> select * from radreply ;
+----+----------+-----------+----+-------+
| id | UserName | Attribute | op | Value |
+----+----------+-----------+----+-------+
| 3 | asghar | Auth-Type | := | Local |
+----+----------+-----------+----+-------+
All the other mysql tables ( raddacct , radgroupcheck , radgroupreply)
are empty .
Running the radius server in debug gives me the following output.
rad_recv: Access-Request packet from host 172.16.8.6:32781, id=31, length=70
User-Name = "asghar"
User-Password = "asghar"
Propel-Client-IP-Address = 172.16.1.131
Propel-Client-Source-ID = 1
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
rlm_eap: EAP-Message not found
modcall[authorize]: module "eap" returns noop for request 2
rlm_realm: No '@' in User-Name = "asghar", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
radius_xlat: 'asghar'
rlm_sql (sql): sql_set_user escaped user --> 'asghar'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username = 'asghar' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'asghar' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username = 'asghar' ORDER BY id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'asghar' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id'
rlm_sql (sql): Released sql socket id: 3
modcall[authorize]: module "sql" returns ok for request 2
users: Matched DEFAULT at 165
modcall[authorize]: module "files" returns ok for request 2
modcall[authorize]: module "mschap" returns noop for request 2
modcall: group authorize returns ok for request 2
rad_check_password: Found Auth-Type System
auth: type "System"
modcall: entering group authenticate for request 2
modcall[authenticate]: module "unix" returns notfound for request 2
modcall: group authenticate returns notfound for request 2
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 172.16.8.6:32781, id=31, length=70
Sending Access-Reject of id 31 to 172.16.8.6:32781
--- Walking the entire request list ---
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 31 with timestamp 40dfc4c7
Nothing to do. Sleeping until we see a request.
--------------------------------------------------------------------------------------------------------------
A clue in the debug output is the following line "rad_check_password:
Found Auth-Type System" . If you look at Mysql radreply tables i have
specifically tried to
specify Auth-Type to be Local and not System .
I would really appreciate if some one can help me understand where i
am going wrong .
Thanks
Ali
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
