Hey everyone,<br><br>I've used an older version of FreeRADIUS before (I think 1.1.0) with mysql as a backend and all I had to do<br>to authenticate users is have the following entry in radcheck table: | 1 | admin | Password | == | admin |
<br>although I see some errors when using radiusd -X and the error received is username/password not correct.<br>The log from freeradius is:<br><br><span style="font-style: italic; font-weight: bold;"> modcall[authorize]: module "mschap" returns noop for request 1
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> rlm_realm: No '@' in User-Name = "admin", looking up realm NULL</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;"> rlm_realm: No such realm "NULL"</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> modcall[authorize]: module "suffix" returns noop for request 1
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> rlm_eap: No EAP-Message, not doing EAP</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
modcall[authorize]: module "eap" returns noop for request 1</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> users: Matched entry DEFAULT at line 152
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> users: Matched entry DEFAULT at line 171</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
users: Matched entry DEFAULT at line 183</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> modcall[authorize]: module "files" returns ok for request 1
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">radius_xlat: 'admin'</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
rlm_sql (sql): sql_set_user escaped user --> 'admin'</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'admin' ORDER BY id'
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">rlm_sql (sql): Reserving sql socket id: 2</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
radius_xlat: 'SELECT <a href="http://radgroupcheck.id">radgroupcheck.id</a>,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'admin' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY <a href="http://radgroupcheck.id">radgroupcheck.id</a>'</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'admin' ORDER BY id'</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
radius_xlat: 'SELECT <a href="http://radgroupreply.id">radgroupreply.id</a>,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'admin' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY <a href="http://radgroupreply.id">radgroupreply.id</a>'</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
rlm_sql (sql): Released sql socket id: 2</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> modcall[authorize]: module "sql" returns ok for request 1</span>
<br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">rlm_pap: Found existing Auth-Type, not changing it.</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
modcall[authorize]: module "pap" returns noop for request 1</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">rlm_sqlcounter: Entering module authorize code
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">sqlcounter_expand: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}''</span>
<br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">radius_xlat: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin''</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;">sqlcounter_expand: '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin'}'</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
radius_xlat: Running registered xlat function of module sql for string 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin''</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
rlm_sql (sql): - sql_xlat</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">radius_xlat: 'admin'</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;">rlm_sql (sql): sql_set_user escaped user --> 'admin'</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
radius_xlat: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin''</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">rlm_sql (sql): Reserving sql socket id: 1
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">rlm_sql (sql): - sql_xlat finished</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
rlm_sql (sql): Released sql socket id: 1</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">radius_xlat: '27'</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;">rlm_sqlcounter: (Check item - counter) is greater than zero</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
rlm_sqlcounter: Authorized user admin, check_item=86400, counter=27</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">rlm_sqlcounter: Sent Reply-Item for user admin, Type=Session-Timeout, value=300
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> modcall[authorize]: module "noresetcounter" returns ok for request 1</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;">rlm_sqlcounter: Entering module authorize code</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">rlm_sqlcounter: Could not find Check item value pair
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> modcall[authorize]: module "dailycounter" returns noop for request 1</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;">rlm_sqlcounter: Entering module authorize code</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">rlm_sqlcounter: Could not find Check item value pair
</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;"> modcall[authorize]: module "monthlycounter" returns noop for request 1</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;">modcall: leaving group authorize (returns ok) for request 1</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
rad_check_password: Found Auth-Type System</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">auth: type "System"</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;"> ERROR: Unknown value specified for Auth-Type. Cannot perform requested action.</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
auth: Failed to validate the user.</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">Login incorrect: [admin/admin] (from client localhost port 1)</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;">Delaying request 1 for 1 seconds</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">Finished request 1</span>
<br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">Going to the next request</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">
--- Walking the entire request list ---</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">Waking up in 1 seconds...</span><br style="font-style: italic; font-weight: bold;">
<span style="font-style: italic; font-weight: bold;">--- Walking the entire request list ---</span><br style="font-style: italic; font-weight: bold;"><span style="font-style: italic; font-weight: bold;">Waking up in 1 seconds...
</span><br><br><br><br>It mentions some error about Auth-Type so I added another entry for that user in the table which is:<br>| 2 | admin | Auth-Type | := | Local |<br><br>And then it works fine.<br>My question is why does it require the Auth-Type entry to be added? I've used freeradius with mysql before without having
<br>to enter an Auth-Type entry for each user in the radcheck table.<br><br>My radiusd.conf authenticate { } section has no sql mentioning there.<br>Could that be it?<br><br><br>Thanks in advance,<br>Liran.<br>