auth-type problem

To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
Subject: auth-type problem
From: "liran tal" <liransgarage@gmail.com>
Date: Sat, 5 May 2007 19:22:57 +0200
Reply-to: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>

Hey everyone,

I've used an older version of FreeRADIUS before (I think 1.1.0) with mysql as a backend and all I had to do
to authenticate users is have the following entry in radcheck table: | 1 | admin    | Password        | == | admin |
although I see some errors when using radiusd -X and the error received is username/password not correct.
The log from freeradius is:

modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "admin", looking up realm NULL
    rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 1
    users: Matched entry DEFAULT at line 152
    users: Matched entry DEFAULT at line 171
    users: Matched entry DEFAULT at line 183
modcall[authorize]: module "files" returns ok for request 1
radius_xlat: 'admin'
rlm_sql (sql): sql_set_user escaped user --> 'admin'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op           FROM radcheck           WHERE Username = 'admin'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'admin' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op           FROM radreply           WHERE Username = 'admin'           ORDER BY id'
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'admin' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 2
modcall[authorize]: module "sql" returns ok for request 1
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 1
rlm_sqlcounter: Entering module authorize code
sqlcounter_expand: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}''
radius_xlat: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin''
sqlcounter_expand: '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin'}'
radius_xlat: Running registered xlat function of module sql for string 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin''
rlm_sql (sql): - sql_xlat
radius_xlat: 'admin'
rlm_sql (sql): sql_set_user escaped user --> 'admin'
radius_xlat: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin''
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): - sql_xlat finished
rlm_sql (sql): Released sql socket id: 1
radius_xlat: '27'
rlm_sqlcounter: (Check item - counter) is greater than zero
rlm_sqlcounter: Authorized user admin, check_item=86400, counter=27
rlm_sqlcounter: Sent Reply-Item for user admin, Type=Session-Timeout, value=300
modcall[authorize]: module "noresetcounter" returns ok for request 1
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "dailycounter" returns noop for request 1
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
modcall[authorize]: module "monthlycounter" returns noop for request 1
modcall: leaving group authorize (returns ok) for request 1
rad_check_password: Found Auth-Type System
auth: type "System"
ERROR: Unknown value specified for Auth-Type. Cannot perform requested action.
auth: Failed to validate the user.
Login incorrect: [admin/admin] (from client localhost port 1)
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...

It mentions some error about Auth-Type so I added another entry for that user in the table which is:
| 2 | admin     | Auth-Type       | := | Local |

And then it works fine.
My question is why does it require the Auth-Type entry to be added? I've used freeradius with mysql before without having
to enter an Auth-Type entry for each user in the radcheck table.

My radiusd.conf authenticate { } section has no sql mentioning there.
Could that be it?

Thanks in advance,
Liran.

Follow-Ups:
- Re: auth-type problem
  - From: <tnt@kalik.co.yu>

Previous by Date: MySQL Authentication
Next by Date: Stops working all of a sudden
Previous by Thread: Re: Attributes mapping between LDAP and RADIUS
Next by Thread: Re: auth-type problem
Freeradius-Users May 2007 archives indexes sorted by: [ thread ] [ subject ] [ author ] [ date ]
Freeradius-Users list archive Table of Contents
More information about the Freeradius-Users mailing list

This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.