> Perhaps do what is suggested wherever you care to look (this > list, documentation, website, ...) - run server in debug mode > (radiusd -X). Then you will see exactly what is happening.
I did that, and it didn't help. I added a realm definition back in to the config file, and here's the debug output now: > [suffix] Looking up realm "soe.ucsc.edu" for User-Name = "[email protected]" > [suffix] Found realm "soe.ucsc.edu" > [suffix] Adding Stripped-User-Name = "tjg" > [suffix] Adding Realm = "soe.ucsc.edu" > [suffix] Authentication realm is LOCAL. So far so good... > [ldap] performing user authorization for tjg > [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for > details > [ldap] expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=tjg) > [ldap] expand: dc=soe,dc=ucsc,dc=edu -> dc=soe,dc=ucsc,dc=edu Depreciated syntax aside, we're still doing good... > [sql] WARNING: Deprecated conditional expansion ":-". See "man unlang" for > details > [sql] expand: insert into RadiusLog (SessionID, UserName, WapIpAddress, > UserMacAddress, StartTime) value ('%{Acct-Session-Id}', > '%{Stripped-User-Name:-%{User-Name}}', '%{NAS-IP-Address}', > '%{Calling-Station-Id}', '%S') -> insert into RadiusLog (SessionID, UserName, > WapIpAddress, UserMacAddress, StartTime) value ('0004F8C5', > '[email protected]', '192.168.32.8', '0024.2b58.2f46', '2009-11-23 14:13:42') Doh, no dice! Incidentally, as I mentioned in another reply a few minutes ago, using %{SQL-User-Name} instead of %{User-Name} results in an empty string, and using only %{Stripped-User-Name} also results in an empty string. If you really would like me to, I suppose I could get you the whole debug output, but it's a few thousand lines for a single authorization. Tim Gustafson Baskin School of Engineering UC Santa Cruz [email protected] 831-459-5354 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
