sql auth problems with 2.0.0-pre
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Thu Apr 12 12:41:53 CEST 2007
Alexander Serkin wrote:
> Gurus,
> may be i'm pulling some common mistake with my configuration being
> tested against cvs snapshot, but no idea which one.
> I've an sql profile telling:
>
> some.dotted.user Cleartext-Password = cisco
> NAS-IP-Address =~ "xxx.xxx.97.(85|86)"
>
Hmm I don't know how Cleartext-Password is mapped, always thought it was
a legacy attribute.
Try User-Password ? Also it's == not = for check items .
> authentication request:
>
> User-Name = "some.dotted.user"
> User-Password = "cisco"
> Calling-Station-Id = "000000000000000"
> Framed-Protocol = PPP
> Service-Type = Framed-User
> NAS-IP-Address = xxx.xxx.97.85
>
> gives the access-reject for unknown (for me) reason:
>
> rlm_sql (sqlauth): sql_set_user escaped user --> 'some.dotted.user'
> rlm_sql (sqlauth): Reserving sql socket id: 3
> radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
> Username = 'some.dotted.user' ORDER BY id'
> SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username =
> 'some.dotted.user' ORDER BY id
> ...
> rlm_sql (sqlauth): Released sql socket id: 3
> modcall[authorize]: module "sqlauth" returns ok for request 0
> modcall: group authorize returns ok for request 0
> rad_check_password: Found Auth-Type Local
> auth: type Local
> auth: No password configured for the user
> Login incorrect (No password configured for the user):
> [some.dotted.user/cisco] (from client localhost port 0 cli 00000000000000)
> auth: Failed to validate the user.
>
> I've checked the authorization sql query shown in debug - it properly
> returns the profile configured
>
--
Arran Cudbard-Bell (ac221 at sussex.ac.uk)
Authentication Authorisation & Accounting Officer
Infrastructure Services | ENG1 FF08
EXT:3900
More information about the Freeradius-Users
mailing list