Hello again Louis;
This is what I got from the RADIUS log:
Thu Jun 4 16:14:12 2015 : Error: rlm_sql_mysql: Mysql error 'Can't connect
to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)'
Thu Jun 4 16:14:12 2015 : Error: rlm_sql (sql): Failed to connect DB
handle #0
Thu Jun 4 16:14:12 2015 : Error: rlm_sql (sql): There are no DB handles to
use! skipped 5, tried to connect 0
Thu Jun 4 16:14:12 2015 : Error: Failed to load clients from SQL.
Thu Jun 4 16:14:12 2015 : Info: rlm_sql (sql): Closing sqlsocket 4
Thu Jun 4 16:14:12 2015 : Info: rlm_sql (sql): Closing sqlsocket 3
Thu Jun 4 16:14:12 2015 : Info: rlm_sql (sql): Closing sqlsocket 2
Thu Jun 4 16:14:12 2015 : Info: rlm_sql (sql): Closing sqlsocket 1
Thu Jun 4 16:14:12 2015 : Info: rlm_sql (sql): Closing sqlsocket 0
Thu Jun 4 16:14:12 2015 : Error: /usr/local/pf/raddb//sql.conf[4]:
Instantiation failed for module "sql"
This is my sql.conf file:
# This file is generated from a template at
/usr/local/pf/conf/radiusd/sql.conf
# Any changes made to this file will be lost on restart
# Default rlm_sql instance: MySQL connection settings, RADIUS table names and
# NAS-client loading for the "pf" database.
sql {
database = "mysql"
driver = "rlm_sql_${database}"
# NOTE(review): with "localhost" the MySQL client library normally connects over
# the Unix socket rather than TCP, which matches the
# '/var/lib/mysql/mysql.sock' path in the log error quoted earlier in this
# message. The "(2)" there is the OS "no such file" code, i.e. no socket exists
# at that path: check that mysqld is running and which socket path it uses.
# 'port' is presumably not consulted for a socket connection - confirm.
server = "localhost"
port = 3306
login = "pf"
# NOTE(review): database credential stored in clear text. Keep this file
# readable only by the RADIUS service account, and replace the value with a
# placeholder before sharing the file (rotate it if it has already been shared).
password = "sdfghj"
radius_db = "pf"
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
authcheck_table = "radcheck"
authreply_table = "radreply"
groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
deletestalesessions = yes
# Query tracing is off; when enabled, executed queries are written to
# sqltracefile, so that file would contain user identifiers - confirm its
# permissions before turning tracing on.
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql
# Number of database handles opened at start-up; the log quoted earlier shows
# sqlsocket 0-4 being closed after the connection failure.
num_sql_socks = 5
# Seconds to wait before retrying a failed database connection.
connect_failure_retry_delay = 60
# NOTE(review): 0 presumably means "no limit" for both settings - confirm
# against the FreeRADIUS version in use.
lifetime = 0
max_queries = 0
# RADIUS clients (NAS entries) are read from nas_table when the module is
# instantiated. This is why an unreachable database stops start-up with
# "Failed to load clients from SQL" / "Instantiation failed for module "sql"".
readclients = yes
nas_table = "radius_nas"
# The SQL queries for this instance come from the included file.
$INCLUDE sql/${database}/packetfence.conf
}
# rlm_sql instance "pfguest": password lookup for accounts whose activation
# record is of type "guest".
sql pfguest {
database = "mysql"
driver = "rlm_sql_${database}"
server = "localhost"
port = 3306
login = "pf"
# NOTE(review): same clear-text database credential as the default instance;
# redact before sharing and restrict read access to this file.
password = "sdfghj"
radius_db = "pf"
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
# ${authcheck_table} in authorize_check_query expands to this table name.
authcheck_table = "password"
authreply_table = "radreply"
groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
deletestalesessions = yes
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql
num_sql_socks = 5
connect_failure_retry_delay = 60
# SQL-User-Name is built from the User-Name attribute, which is supplied by the
# client. NOTE(review): the query below quotes it directly, so it depends on
# rlm_sql escaping the expanded value (its safe-characters setting) - confirm
# that setting has not been loosened.
sql_user_name = "%{User-Name}"
# Returns the stored password as a Cleartext-Password check item (operator
# ":=") for this pid, but only when the activation row with the highest code_id
# for that pid has type "guest" and now() is not past password.unregdate.
# NOTE(review): exposing the column as Cleartext-Password implies the password
# table holds recoverable passwords - confirm how they are stored.
authorize_check_query = "SELECT 1, pid, \"Cleartext-Password\",
password, \":=\" \
FROM ${authcheck_table} \
JOIN activation using (pid) \
WHERE pid = '%{SQL-User-Name}' \
AND (SELECT type from activation WHERE pid='%{SQL-User-Name}'
ORDER BY code_id DESC LIMIT 1) = \"guest\" \
AND now() <= password.unregdate \
LIMIT 1 "
# All other queries are set to empty strings for this instance.
authorize_reply_query = ""
group_membership_query = ""
authorize_group_check_query = ""
authorize_group_reply_query = ""
simul_verify_query = ""
postauth_query = ""
}
# rlm_sql instance "pfsponsor": password lookup for accounts whose activation
# record is of type "sponsor".
sql pfsponsor {
database = "mysql"
driver = "rlm_sql_${database}"
server = "localhost"
port = 3306
login = "pf"
# NOTE(review): clear-text database credential; redact before sharing and
# restrict read access to this file.
password = "sdfghj"
radius_db = "pf"
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
# ${authcheck_table} in authorize_check_query expands to this table name.
authcheck_table = "password"
authreply_table = "radreply"
groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
deletestalesessions = yes
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql
num_sql_socks = 5
connect_failure_retry_delay = 60
# SQL-User-Name comes from the client-supplied User-Name. NOTE(review): the
# query relies on rlm_sql escaping this value before substitution - confirm the
# module's safe-characters setting.
sql_user_name = "%{User-Name}"
# Returns the stored password as a Cleartext-Password check item (operator
# ":=") when the activation row with the highest code_id for this pid has type
# "sponsor" and now() is not past password.unregdate.
authorize_check_query = "SELECT 1, pid, \"Cleartext-Password\",
password, \":=\" \
FROM ${authcheck_table} \
JOIN activation using (pid) \
WHERE pid = '%{SQL-User-Name}' \
AND (SELECT type from activation WHERE pid='%{SQL-User-Name}'
ORDER BY code_id DESC LIMIT 1) = \"sponsor\" \
AND now() <= password.unregdate \
LIMIT 1 "
# All other queries are set to empty strings for this instance.
authorize_reply_query = ""
group_membership_query = ""
authorize_group_check_query = ""
authorize_group_reply_query = ""
simul_verify_query = ""
postauth_query = ""
}
# rlm_sql instance "pfsms": password lookup for accounts whose activation
# record is of type "sms".
sql pfsms {
database = "mysql"
driver = "rlm_sql_${database}"
server = "localhost"
port = 3306
login = "pf"
# NOTE(review): clear-text database credential; redact before sharing and
# restrict read access to this file.
password = "sdfghj"
radius_db = "pf"
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
# ${authcheck_table} in authorize_check_query expands to this table name.
authcheck_table = "password"
authreply_table = "radreply"
groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
deletestalesessions = yes
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql
num_sql_socks = 5
connect_failure_retry_delay = 60
# SQL-User-Name comes from the client-supplied User-Name. NOTE(review): the
# query relies on rlm_sql escaping this value before substitution - confirm the
# module's safe-characters setting.
sql_user_name = "%{User-Name}"
# Returns the stored password as a Cleartext-Password check item (operator
# ":=") when the activation row with the highest code_id for this pid has type
# "sms" and now() is not past password.unregdate.
authorize_check_query = "SELECT 1, pid, \"Cleartext-Password\",
password, \":=\" \
FROM ${authcheck_table} \
JOIN activation using (pid) \
WHERE pid = '%{SQL-User-Name}' \
AND (SELECT type from activation WHERE pid='%{SQL-User-Name}'
ORDER BY code_id DESC LIMIT 1) = \"sms\" \
AND now() <= password.unregdate \
LIMIT 1 "
# All other queries are set to empty strings for this instance.
authorize_reply_query = ""
group_membership_query = ""
authorize_group_check_query = ""
authorize_group_reply_query = ""
simul_verify_query = ""
postauth_query = ""
}
# rlm_sql instance "pflocal": password lookup for accounts that have no row in
# the activation table.
sql pflocal {
database = "mysql"
driver = "rlm_sql_${database}"
server = "localhost"
port = 3306
login = "pf"
# NOTE(review): clear-text database credential; redact before sharing and
# restrict read access to this file.
password = "sdfghj"
radius_db = "pf"
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
# ${authcheck_table} in authorize_check_query expands to this table name.
authcheck_table = "password"
authreply_table = "radreply"
groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
deletestalesessions = yes
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql
num_sql_socks = 5
connect_failure_retry_delay = 60
# SQL-User-Name comes from the client-supplied User-Name. NOTE(review): the
# query relies on rlm_sql escaping this value before substitution - confirm the
# module's safe-characters setting.
sql_user_name = "%{User-Name}"
# Returns the stored password as a Cleartext-Password check item (operator
# ":=") for this pid when no activation row exists for it.
# NOTE(review): this query has no unregdate (expiry) condition and no LIMIT -
# presumably intentional for local accounts; confirm.
authorize_check_query = "SELECT 1, pid, \"Cleartext-Password\",
password, \":=\" \
FROM ${authcheck_table} \
WHERE pid = '%{SQL-User-Name}' \
AND NOT EXISTS (SELECT pid FROM activation WHERE pid =
'%{SQL-User-Name}') "
# All other queries are set to empty strings for this instance.
authorize_reply_query = ""
group_membership_query = ""
authorize_group_check_query = ""
authorize_group_reply_query = ""
simul_verify_query = ""
postauth_query = ""
}
And this is the packetfence-tunnel file:
# Virtual server "packetfence-tunnel" (presumably the one handling requests
# inside the EAP tunnel - confirm against the eap module configuration).
server packetfence-tunnel {
# authorize: modules run in the order listed.
authorize {
suffix
ntdomain
eap {
ok = return
}
files
# Calls the default "sql" instance. That instance must instantiate for the
# server to start; the log quoted earlier shows it failing to connect.
sql
####Activate local user eap authentication based on a specific SSID ####
# NOTE(review): as posted, only the "pflocal" call below is uncommented. It
# therefore runs for every request rather than for one SSID, and the
# pfguest / pfsponsor / pfsms fallbacks stay disabled.
# NOTE(review): the "MS-CHAP-Use-NTLM-Auth := No" update is still commented out,
# so a password found by pflocal may not be the one mschap checks - confirm
# against the mschap module configuration.
## Set Called-Station-SSID with the current SSID
# set.called_station_ssid
# if (Called-Station-SSID == 'Secure-Wireless') {
## Disable ntlm_auth
# update control {
# MS-CHAP-Use-NTLM-Auth := No
# }
#Check password table for local user
pflocal
# if (fail || notfound) {
# NOTE(review): the next two descriptions look swapped relative to the instance
# names they precede (pfguest / pfsponsor).
## Check password table with email and password for a sponsor registration
# pfguest
# if (fail || notfound) {
## Check password table with email and password for a guest registration
# pfsponsor
# if (fail || notfound) {
## Check activation table with phone number and PIN code
# pfsms
# if (fail || notfound) {
# update control {
# MS-CHAP-Use-NTLM-Auth := Yes
# }
# }
# }
# }
# }
# }
expiration
logintime
}
# authenticate: MS-CHAP requests go to mschap; eap is also listed.
authenticate {
Auth-Type MS-CHAP {
mschap
}
eap
}
session {
radutmp
sql
}
post-auth {
exec
# Sets the PacketFence RPC endpoint and credentials as control attributes,
# presumably for the packetfence module called next.
# NOTE(review): PacketFence-RPC-Pass is a credential; it may appear in debug
# output that prints the control list, so redact such output before sharing.
update control {
PacketFence-RPC-Server = ${rpc_host}
PacketFence-RPC-Port = ${rpc_port}
PacketFence-RPC-User = ${rpc_user}
PacketFence-RPC-Pass = ${rpc_pass}
PacketFence-RPC-Proto = ${rpc_proto}
}
packetfence
# On rejection, run the access_reject attribute filter.
Post-Auth-Type REJECT {
attr_filter.access_reject
}
}
pre-proxy {
}
post-proxy {
eap
}
} # packetfence-tunnel server block
Regards, and apologies.