> [EMAIL PROTECTED] wrote:
> > Our secondary radius server is running freeradius-0.8.1. I am in
> > the process of upgrading our primary radius server and have
> > installed freeradius-1.0.1. I went ahead and scp the configuration
> > files from our secondary radius server to this new machine. The
> > problem that I am running into is handling ATTRIB_NMC. We do need
> > to include dictionary.usr. Commenting out dictionary.usr in the
> > dictionary file does allow the radiusd to run at start-up, else I
> > get the error below:
>
> You MUST use the 1.0.1 dictionaries with the 1.0.1 server. The
> "make install" process prints out big warnings about the dictionaries
> not being upgraded.
>
> If you haven't edited the 0.8.1 dictionaries, then copy the
> "raddb/dictionary" file from where-ever you built the server (source),
> to /etc/raddb/dictionary.
>
> Alan DeKok.
>
Hello Alan,
Thank you for your input.
I went ahead and did what you suggested. Yes, the 1.0.1 server's radiusd does
start at start-up, but this is the error I get when I use one of our other
server to test authentication:
------------------cut------------------
Fri Feb 25 10:14:55 2005 : Info: Using deprecated realms file. Support for this
will go away soon.
Fri Feb 25 10:14:58 2005 : Info: Ready to process requests.
Fri Feb 25 10:18:30 2005 : Error: Invalid operator for item Suffix: reverting to
'=='
Fri Feb 25 10:18:30 2005 : Error: Invalid operator for item Suffix: reverting to
'=='
Fri Feb 25 10:18:30 2005 : Error: Invalid operator for item Suffix: reverting to
'=='
------------------cut------------------
These are the same logs I was getting when I was using the 0.8.1 dictionaries,
but commented out the dictionary.usr in the dictionary file. Here are the logs
running radiusd in debug mode:
------------------cut------------------
rad_recv: Access-Request packet from host xx.xxx.xx.xx:xxxxx, id=xx, length=xx
User-Name = "user"
User-Password = "password"
Service-Type = Outbound-User
NAS-IP-Address = xx.xxx.xx.xx
NAS-Port = 1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
Invalid operator for item Suffix: reverting to '=='
Invalid operator for item Suffix: reverting to '=='
Invalid operator for item Suffix: reverting to '=='
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "user", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
users: Matched user at xxxxx
modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
modcall[authenticate]: module "unix" returns notfound for request 0
modcall: group authenticate returns notfound for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
..
------------------cut------------------
Thank you,
Jane
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
