subject:"RE\: Re\: freeradius 1.1.1 and mysql issues"

RE: Re: freeradius 1.1.1 and mysql issues

2006-06-01 Thread simon

Hi,

I have tried reordering the elements in the radiusd.conf file so that the 
database is tried first, and then commented out the section to check the users 
file, and I am still having the same issues.

Here is the output again:

Ready to process requests.
rad_recv: Access-Request packet from host 10.10.1.1:1320, id=0, length=123
User-Name = simon
NAS-IP-Address = 10.10.1.1
Called-Station-Id = 0014bff3dac8
Calling-Station-Id = 0013ce29c6d7
NAS-Identifier = 0014bff3dac8
NAS-Port = 56
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020a0173696d6f6e
Message-Authenticator = 0x68b3f01e605eb032281dd6c99dfd9e52
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module preprocess returns ok for request 0
  modcall[authorize]: module chap returns noop for request 0
  modcall[authorize]: module mschap returns noop for request 0
rlm_realm: No '@' in User-Name = simon, looking up realm NULL
rlm_realm: No such realm NULL
  modcall[authorize]: module suffix returns noop for request 0
  rlm_eap: EAP packet type response id 0 length 10
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module eap returns updated for request 0
radius_xlat:  'simon'
rlm_sql (sql): sql_set_user escaped user -- 'simon'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op   FROM 
radcheck   WHERE Username = 'simon'   ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op   FROM 
radcheckWHERE Username = 'simon'   ORDER BY id
radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'simon' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'simon' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op   FROM 
radreply   WHERE Username = 'simon'   ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op   FROM 
radreplyWHERE Username = 'simon'   ORDER BY id
radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
  FROM radgroupreply,usergroup WHERE usergroup.Username = 'simon' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
  FROM radgroupreply,usergroup WHERE usergroup.Username = 'simon' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module sql returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login incorrect: [simon/no User-Password attribute] (from client linksys-434 
port 56 cli 0013ce29c6d7)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 0 to 10.10.1.1 port 1320
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 447ef7e2
Nothing to do.  Sleeping until we see a request.


As before, it still authenticates perfectly when I try it with either NTRadPing 
or radtest.

Thanks again,

Simon


hi,

you say it works okay with NTRadPing and that when you use an entry in users 
file it works...however
in the log you supplied its still matching an entry in the users file - and 
the server is then
happy to use that matching entry rather than one in the DB. the log you posted 
also shows that it
is attempting to use the files method...and that the match told it to use 
Local authentication..the
database query is then superfluous.

alan
- 
List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Re: freeradius 1.1.1 and mysql issues

2006-06-01 Thread Seferovic Edvin

  modcall[authorize]: module sql returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login incorrect: [simon/no User-Password attribute] (from client
linksys-434 port 56 cli 0013ce29c6d7)

There is no password ? Is that okay?

You can set Auth-Type to Accept if the user is found in sql !
If that is what you actually want.

Regards,

Edvin


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: RE: Re: freeradius 1.1.1 and mysql issues

2006-06-01 Thread simon

There is a password in the database (in the radcheck table) associated with 
the username.  I am also supplying both the username and password on my laptop 
as I am trying to connect.  I currently have the Auth-Type being set (:=) to 
Local in the radgroupcheck table.  I believe this should all be set up 
properly.  

Simon

  modcall[authorize]: module sql returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login incorrect: [simon/no User-Password attribute] (from client
linksys-434 port 56 cli 0013ce29c6d7)

There is no password ? Is that okay?

You can set Auth-Type to Accept if the user is found in sql !
If that is what you actually want.

Regards,

Edvin


- 
List info/subscribe/unsubscribe? See 
http://www.freeradius.org/list/users.html
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Re: freeradius 1.1.1 and mysql issues

2006-06-01 Thread A . L . M . Buxey

Hi,

 I have tried reordering the elements in the radiusd.conf file so that the 
 database is tried first, and then commented out the section to check the 
 users file, and I am still having the same issues.
 
 Here is the output again:
 
 modcall: leaving group authorize (returns updated) for request 0
   rad_check_password:  Found Auth-Type Local
 auth: type Local
 auth: No User-Password or CHAP-Password attribute in the request
^^^


 auth: Failed to validate the user.
 Login incorrect: [simon/no User-Password attribute] (from client 
 linksys-434 port 56 cli 0013ce29c6d7)
^^

check the logs when you run NTRadPing etc - it looks like the linksys isnt 
sending all it needs
to send.

alan
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: Re: freeradius 1.1.1 and mysql issues

RE: Re: freeradius 1.1.1 and mysql issues

RE: RE: Re: freeradius 1.1.1 and mysql issues

Re: Re: freeradius 1.1.1 and mysql issues

4 matches

Site Navigation

Mail list logo

Footer information