Re: Realm users authentication failure

Wed, 19 Oct 2005 14:59:44 -0700 

On Wed, 2005-10-19 at 00:10 +0200, Luca Corti wrote:

I've done further debugging on this with 'radiusd -X', here's what I
get:


  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: Looking up realm "otherrealm" for User-Name =
"[EMAIL PROTECTED]"
    rlm_realm: Found realm "otherrealm"
    rlm_realm: Proxying request from user user to realm othereralm
    rlm_realm: Adding Realm = "otherrealm"
    rlm_realm: Authentication realm is LOCAL.
  modcall[authorize]: module "suffix" returns noop for request 1
radius_xlat:  '[EMAIL PROTECTED]'
rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = '[EMAIL PROTECTED]' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
  FROM radgroupcheck,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' 
AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE
Username = '[EMAIL PROTECTED]' ORDER BY id'
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
  FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' 
AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): No matching entry in the database for request from user
[EMAIL PROTECTED]
rlm_sql (sql): Released sql socket id: 2
  modcall[authorize]: module "sql" returns notfound for request 1
modcall: group authorize returns noop for request 1
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user


I've searched the mailing-list archives and google looking for similar
problems, and they suggest to set Auth-Type := Local in the
radgroupcheck table. I've done this, but I get the same result.

Also my users in the stripped realm don't have Auth-Type set and they
authenticate correctly.

thanks

-- 
Luca Corti
PGP Key ID 1F38C091

Attachment: signature.asc
Description: This is a digitally signed message part

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to