Hi,<br>my freeradius works well with users files users but when I test it with one of my users that is stored in db, the authentication fails.<br>what is needed to authenticate users that are stored in db.<br><br>two debug mode output is attached:
<br>it's debug response for a user that is stored in db:<br><br>rad_recv: Access-Request packet from host <a href="http://127.0.0.1:1029">127.0.0.1:1029</a>, id=90, length=58<br> User-Name = "n2test"<br>
User-Password = "n2test"<br> NAS-IP-Address = <a href="http://255.255.255.255">255.255.255.255</a><br> NAS-Port = 1645<br> Processing the authorize section of radiusd.conf<br>modcall: entering group authorize for request 1
<br> modcall[authorize]: module "preprocess" returns ok for request 1<br> modcall[authorize]: module "chap" returns noop for request 1<br> modcall[authorize]: module "mschap" returns noop for request 1
<br> rlm_realm: No '@' in User-Name = "n2test", looking up realm NULL<br> rlm_realm: No such realm "NULL"<br> modcall[authorize]: module "suffix" returns noop for request 1<br>
rlm_eap: No EAP-Message, not doing EAP<br> modcall[authorize]: module "eap" returns noop for request 1<br> users: Matched entry DEFAULT at line 154<br> modcall[authorize]: module "files" returns ok for request 1
<br>radius_xlat: 'n2test'<br>rlm_sql (sql): sql_set_user escaped user --> 'n2test'<br>radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'n2test' ORDER BY id'
<br>rlm_sql (sql): Reserving sql socket id: 2<br>radius_xlat: 'SELECT <a href="http://radgroupcheck.id">radgroupcheck.id</a>,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'n2test' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY <a href="http://radgroupcheck.id">radgroupcheck.id</a>'<br>radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'n2test' ORDER BY id'
<br>radius_xlat: 'SELECT <a href="http://radgroupreply.id">radgroupreply.id</a>,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username
= 'n2test' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY <a href="http://radgroupreply.id">radgroupreply.id</a>'<br>rlm_sql (sql): Released sql socket id: 2<br> modcall[authorize]: module "sql" returns ok for request 1
<br>rlm_pap: Found existing Auth-Type, not changing it.<br> modcall[authorize]: module "pap" returns noop for request 1<br>modcall: leaving group authorize (returns ok) for request 1<br><span style="font-weight: bold; color: rgb(255, 0, 0);">
rad_check_password: Found Auth-Type System</span><br style="font-weight: bold; color: rgb(255, 0, 0);"><span style="font-weight: bold; color: rgb(255, 0, 0);">auth: type "System"</span><br style="font-weight: bold; color: rgb(255, 0, 0);">
<span style="font-weight: bold; color: rgb(255, 0, 0);"> Processing the authenticate section of radiusd.conf</span><br style="font-weight: bold; color: rgb(255, 0, 0);"><span style="font-weight: bold; color: rgb(255, 0, 0);">
modcall: entering group authenticate for request 1</span><br style="font-weight: bold; color: rgb(255, 0, 0);"><span style="font-weight: bold; color: rgb(255, 0, 0);"> modcall[authenticate]: module "unix" returns notfound for request 1
</span><br style="font-weight: bold; color: rgb(255, 0, 0);"><span style="font-weight: bold; color: rgb(255, 0, 0);">modcall: leaving group authenticate (returns notfound) for request 1</span><br style="font-weight: bold; color: rgb(255, 0, 0);">
<span style="font-weight: bold; color: rgb(255, 0, 0);">auth: Failed to validate the user.</span><br style="font-weight: bold; color: rgb(255, 0, 0);">Delaying request 1 for 1 seconds<br>Finished request 1<br>Going to the next request
<br>--- Walking the entire request list ---<br>Waking up in 1 seconds...<br>--- Walking the entire request list ---<br>Waking up in 1 seconds...<br>--- Walking the entire request list ---<br>Sending Access-Reject of id 90 to
<a href="http://127.0.0.1">127.0.0.1</a> port 1029<br>Waking up in 4 seconds...<br>--- Walking the entire request list ---<br>Cleaning up request 1 ID 90 with timestamp 471de1e9<br>Nothing to do. Sleeping until we see a request.
<br><br><br><br>and it's the output for a normal user that is stored in users file:<br><br>rad_recv: Access-Request packet from host <a href="http://127.0.0.1:1029">127.0.0.1:1029</a>, id=43, length=62<br> User-Name = "normaltest"
<br> User-Password = "normaltest"<br> NAS-IP-Address = <a href="http://255.255.255.255">255.255.255.255</a><br> NAS-Port = 1645<br> Processing the authorize section of radiusd.conf<br>modcall: entering group authorize for request 0
<br> modcall[authorize]: module "preprocess" returns ok for request 0<br> modcall[authorize]: module "chap" returns noop for request 0<br> modcall[authorize]: module "mschap" returns noop for request 0
<br> rlm_realm: No '@' in User-Name = "normaltest", looking up realm NULL<br> rlm_realm: No such realm "NULL"<br> modcall[authorize]: module "suffix" returns noop for request 0
<br> rlm_eap: No EAP-Message, not doing EAP<br> modcall[authorize]: module "eap" returns noop for request 0<br> users: Matched entry normaltest at line 1<br> modcall[authorize]: module "files" returns ok for request 0
<br>radius_xlat: 'normaltest'<br>rlm_sql (sql): sql_set_user escaped user --> 'normaltest'<br>radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'normaltest' ORDER BY id'
<br>rlm_sql (sql): Reserving sql socket id: 4<br>rlm_sql (sql): User normaltest not found in radcheck<br>radius_xlat: 'SELECT <a href="http://radgroupcheck.id">radgroupcheck.id</a>,radgroupcheck.GroupName,radgroupcheck.Attribute
,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'normaltest' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY <a href="http://radgroupcheck.id">radgroupcheck.id
</a>'<br>radius_xlat: 'SELECT <a href="http://radgroupreply.id">radgroupreply.id</a>,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username
= 'normaltest' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY <a href="http://radgroupreply.id">radgroupreply.id</a>'<br>rlm_sql (sql): User normaltest not found in radgroupcheck<br>rlm_sql (sql): Released sql socket id: 4
<br>rlm_sql (sql): User not found<br> modcall[authorize]: module "sql" returns notfound for request 0<br> modcall[authorize]: module "pap" returns updated for request 0<br>modcall: leaving group authorize (returns updated) for request 0
<br><span style="font-weight: bold; color: rgb(255, 102, 0);"> rad_check_password: Found Auth-Type pap</span><br style="font-weight: bold; color: rgb(255, 102, 0);"><span style="font-weight: bold; color: rgb(255, 102, 0);">
auth: type "PAP"</span><br style="font-weight: bold; color: rgb(255, 102, 0);"><span style="font-weight: bold; color: rgb(255, 102, 0);"> Processing the authenticate section of radiusd.conf</span><br style="font-weight: bold; color: rgb(255, 102, 0);">
<span style="font-weight: bold; color: rgb(255, 102, 0);">modcall: entering group PAP for request 0</span><br style="font-weight: bold; color: rgb(255, 102, 0);"><span style="font-weight: bold; color: rgb(255, 102, 0);">rlm_pap: login attempt with password normaltest
</span><br style="font-weight: bold; color: rgb(255, 102, 0);"><span style="font-weight: bold; color: rgb(255, 102, 0);">rlm_pap: Using clear text password "normaltest".</span><br style="font-weight: bold; color: rgb(255, 102, 0);">
<span style="font-weight: bold; color: rgb(255, 102, 0);">rlm_pap: User authenticated successfully</span><br style="font-weight: bold; color: rgb(255, 102, 0);"><span style="font-weight: bold; color: rgb(255, 102, 0);"> modcall[authenticate]: module "pap" returns ok for request 0
</span><br style="font-weight: bold; color: rgb(255, 102, 0);"><span style="font-weight: bold; color: rgb(255, 102, 0);">modcall: leaving group PAP (returns ok) for request 0</span><br style="font-weight: bold; color: rgb(255, 102, 0);">
<span style="font-weight: bold; color: rgb(255, 102, 0);"> Processing the post-auth section of radiusd.conf</span><br style="font-weight: bold; color: rgb(255, 102, 0);">modcall: entering group post-auth for request 0<br>
rlm_sql (sql): Processing sql_postauth<br>radius_xlat: 'normaltest'<br>rlm_sql (sql): sql_set_user escaped user --> 'normaltest'<br>radius_xlat: 'INSERT into radpostauth (user, pass, reply, date) values ('normaltest', 'normaltest', 'Access-Accept', NOW())'
<br>rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (user, pass, reply, date) values ('normaltest', 'normaltest', 'Access-Accept', NOW())<br>rlm_sql (sql): Reserving sql socket id: 3
<br>rlm_sql (sql): Released sql socket id: 3<br> modcall[post-auth]: module "sql" returns ok for request 0<br>modcall: leaving group post-auth (returns ok) for request 0<br>Sending Access-Accept of id 43 to <a href="http://127.0.0.1">
127.0.0.1</a> port 1029<br>Finished request 0<br>Going to the next request<br>--- Walking the entire request list ---<br>Waking up in 6 seconds...<br>--- Walking the entire request list ---<br>Cleaning up request 0 ID 43 with timestamp 471de179
<br>Nothing to do. Sleeping until we see a request.<br><br><br>