Alexander Serkin wrote: > Gurus, > may be i'm pulling some common mistake with my configuration being > tested against cvs snapshot, but no idea which one. > I've an sql profile telling: > > some.dotted.user Cleartext-Password = cisco > NAS-IP-Address =~ "xxx.xxx.97.(85|86)" >
Hmm I don't know how Cleartext-Password is mapped, always thought it was a legacy attribute. Try User-Password ? Also it's == not = for check items . > authentication request: > > User-Name = "some.dotted.user" > User-Password = "cisco" > Calling-Station-Id = "000000000000000" > Framed-Protocol = PPP > Service-Type = Framed-User > NAS-IP-Address = xxx.xxx.97.85 > > gives the access-reject for unknown (for me) reason: > > rlm_sql (sqlauth): sql_set_user escaped user --> 'some.dotted.user' > rlm_sql (sqlauth): Reserving sql socket id: 3 > radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE > Username = 'some.dotted.user' ORDER BY id' > SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = > 'some.dotted.user' ORDER BY id > ... > rlm_sql (sqlauth): Released sql socket id: 3 > modcall[authorize]: module "sqlauth" returns ok for request 0 > modcall: group authorize returns ok for request 0 > rad_check_password: Found Auth-Type Local > auth: type Local > auth: No password configured for the user > Login incorrect (No password configured for the user): > [some.dotted.user/cisco] (from client localhost port 0 cli 00000000000000) > auth: Failed to validate the user. > > I've checked the authorization sql query shown in debug - it properly > returns the profile configured > -- Arran Cudbard-Bell ([EMAIL PROTECTED]) Authentication Authorisation & Accounting Officer Infrastructure Services | ENG1 FF08 EXT:3900 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html