Error: "user supplied User-Password does NOT match local User-Password" even though they do.
Rens Houben
shadur at systemec.nl
Fri Aug 28 14:32:58 CEST 2009
On Fri, 2009-08-28 at 11:51 +0100, Ivan Kalik wrote:
> > On Fri, 2009-08-28 at 11:26 +0100, Ivan Kalik wrote:
> 1. You are using 1.x queries in a 2.x server. Fix that.
> 2. That user was found as system user as well and unix module is enabled.
> You likely have different password in /etc/passwd. Make sure you provide
> only one password to the server.
Here's what I'm getting with a newly made user and the 2.x queries set
up:
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "Nshadur", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: No EAP-Message, not doing EAP
++[eap] returns noop
++[files] returns noop
expand: %{User-Name} -> Nshadur
rlm_sql (sql): sql_set_user escaped user --> 'Nshadur'
rlm_sql (sql): sql_set_user escaped user --> 'Nshadur'
rlm_sql (sql): Reserving sql socket id: 4
expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER
BY id -> SELECT id, username, attribute, value, op FROM
radcheck WHERE username = 'Nshadur' ORDER BY id
+-----+----------+--------------------+-----------------+------+
| id | username | attribute | value | op |
+-----+----------+--------------------+-----------------+------+
| 347 | Nshadur | Cleartext-Password | foo | := |
+-----+----------+--------------------+-----------------+------+
rlm_sql (sql): User found in radcheck table
expand: SELECT id, username, attribute, value, op FROM
radreply WHERE username = '%{SQL-User-Name}' ORDER
BY id -> SELECT id, username, attribute, value, op FROM
radreply WHERE username = 'Nshadur' ORDER BY id
+----+----------+---------------+-------+------+
| id | username | attribute | value | op |
+----+----------+---------------+-------+------+
| 98 | Nshadur | Giganews-mbpm | 50000 | := |
+----+----------+---------------+-------+------+
expand: SELECT groupname FROM radusergroup WHERE
username = '%{SQL-User-Name}' ORDER BY priority -> SELECT
groupname FROM radusergroup WHERE username =
'Nshadur' ORDER BY priority
+-----------+
| groupname |
+-----------+
| news |
+-----------+
expand: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = '%{Sql-Group}'
ORDER BY id -> SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = 'news' ORDER BY
id
+----+-----------+----------------+-------+------+
| id | groupname | attribute | Value | op |
+----+-----------+----------------+-------+------+
| 8 | news | Huntgroup-Name | news | == |
+----+-----------+----------------+-------+------+
rlm_sql (sql): User found in group news
expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}'
ORDER BY id -> SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = 'news' ORDER BY
id
+----+-----------+---------------+-------+------+
| id | groupname | attribute | value | op |
+----+-----------+---------------+-------+------+
| 27 | news | Giganews-mbpm | 512 | := |
+----+-----------+---------------+-------+------+
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[pap] returns updated
rad_check_password: Found Auth-Type
auth: type "PAP"
+- entering group PAP
rlm_pap: login attempt with password "foo"
rlm_pap: No password configured for the user. Cannot do authentication
++[pap] returns fail
auth: Failed to validate the user.
Login incorrect: [Nshadur/foo] (from client giganews port 1)
The "No password configured for the user" line has me stumped,
personally...
> Ivan Kalik
> Kalik Informatika ISP
>
More information about the Freeradius-Users
mailing list