Incorrect username being registered by freeradius

Tue Jun 23 15:00:20 CEST 2020

On Jun 22, 2020, at 10:04 PM, Daniel Guimaraes Pena <daniel.pena at mpdft.mp.br> wrote:
> 
> Hi everyone,
> 
> My freeradius (FreeRADIUS Version 3.0.12) sometimes accept users and logs at postgre some username that just don’t exist at Active Directory. I just couldn’t debug and stopped at dead end now.

  FreeRADIUS doesn't accept *any* users by default.  So if it accepts a user name, it's because your local system is configured to accept them.

> Here to illustrate:
> Mon Jun 22 18:35:06 2020 : Auth: (82485)   Login OK: [flaviol] (from client AP-SD1-A07-Q04 port 0 via TLS tunnel)
> Mon Jun 22 18:35:06 2020 : Auth: (82486) Login OK: [flaviol] (from client AP-SD1-A07-Q04 port 2 cli E0-5F-45-###)
> -[ RECORD 1 ]------+---------------------------------
> radacctid          | 5993772
> acctsessionid      | 38ED2133-00000040
> acctuniqueid       | 2e3edbe1aa2069c36ac67cf96384219c
> username           | e05f4588a57d

  That looks like a MAC address.

> Both entries are from the same device (same MAC address),

   So what's the MAC address?

> received Login OK, but the first one got that string as username. Client is not the same. But there is a lot of entries with the correct username for that client.
> The odd thing is when it happens, the same string appears to the that user all the time. For other user, a different string appears and it will be always the same.

  Yes, likely because it's the MAC address of the device.

> Sorry, but this is a difficult problem to explain... Even the title of thread was difficult to choose =[
> Anyway, can anyone help me debug this problem?
> 
> 
> # lsb_release -a

  None of that matters.

> =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2020.06.22 22:51:13 =~=~=~=~=~=~=~=~=~=~=~=
> freeradius -X
> ...
> Ready to process requests

  And... nothing.

  How can we debug the server when you don't provide debug logs?

  Read this:  http://wiki.freeradius.org/list-help

  Alan DeKok.