sending Access-request, Access-Reject
hi can someone help me in that i add a users : abc cleartext-password:=123 and i run freeradius -X after that i do: r...@pfe-laptop:/home/pfe# radtest abc 123 localhost 1812 testing123 Sending Access-Request of id 48 to 127.0.0.1 port 1812 User-Name = abc User-Password = 123 NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=48, length=20 and this is the output of deamon: Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:41804, id=48, length=55 User-Name = abc User-Password = 123 NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module preprocess returns ok for request 0 modcall[authorize]: module chap returns noop for request 0 modcall[authorize]: module mschap returns noop for request 0 rlm_realm: No '@' in User-Name = abc, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module eap returns noop for request 0 users: Matched entry DEFAULT at line 153 users: Matched entry abc at line 216 modcall[authorize]: module files returns ok for request 0 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module pap returns noop for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type System auth: type System Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module unix returns notfound for request 0 modcall: leaving group authenticate (returns notfound) for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 48 to 127.0.0.1 port 41804 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 48 with timestamp 4beb3ff9 Nothing to do. Sleeping until we see a request. _ Hotmail: Free, trusted and rich email service. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: sending Access-request, Access-Reject
On 05/12/2010 08:01 PM, dorra aa wrote: hi can someone help me in that i add a users : abc cleartext-password:=123 It's right there in the debug output users: Matched entry DEFAULT at line 153 users: Matched entry abc at line 216 modcall[authorize]: module files returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rlm_pap: Found existing Auth-Type, not changing it. rad_check_password: Found Auth-Type System modcall[authenticate]: module unix returns notfound for request 0 It shouldn't be using an auth-type of System, that means to lookup the user in the /etc/passwd (/etc/shadow) file. But you don't have a user on your system named abc so the not found result makes sense, right? Why is it trying to find abc amongst the unix users on your system? The answer is right above, look at the lines labeled users:, that's your users file, also look at the line that says Found Auth-Type, not changing it. So somthing in your users file forced the user abc to have an Auth-Type of system or unix, it also tells you which lines in the users files it matched. Go fix your users file so it doesn't do that. I'm guessing in your attempts to get things working you may have mangled the example users file, you might want to start with the unaltered users file and just add your test user. All this is documented in the link I sent you a week ago: http://deployingradius.com/documents/configuration/pap.html -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
