<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'>
thanks for that, it's done the job.<br><br>Now my second problem is dialup admin. I can access it using http://(IP address)/dialup, however when I click on the left hand side menu options, for example accounting or statistic, I receive the following error "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=(root),Password=(mypassword)<br></b><br>If i turn off sql debug, I receive a plain white page instead. The only options which I can select and view options are find user, show group, check server, help and about. Listed below are my config files. I am using php5<br><b><br>Admin.conf<br><br></b>#<br># Main Configuration File<br>#<br># it can be default or whatever language. Only greek are supported<br># from non latin alphabet languages<br># These attribute only apply for ldap not for sql<br>#<br>general_prefered_lang: en<br>general_prefered_lang_name: English<br>#<br># The charset which will be added as a meta tag in all pages<br>#<br>general_charset: iso-8859-1<br>#<br># Uncomment this if normal attributes (not the ;lang-xx ones) in ldap<br># are utf8 encoded.<br>#<br>#general_decode_normal_attributes: yes<br>#<br># The directory where dialupadmin is installed<br>#<br>general_base_dir: /usr/local/dialup_admin<br>#<br># The base directory of the freeradius radius installation<br>#<br>general_radiusd_base_dir: /usr/sbin<br>general_domain: (company).net.au<br>#<br># Set it to yes to use sessions and cache the various mappings<br># You can also set use_session = 1 in config.php3 to also cache<br># the admin.conf<br>#<br># ---- IMPORTANT -- IMPORTANT -- IMPORTANT ----<br>#Remember to use the 'Clear Cache' page if you use sessions and do any changes<br>#in any of the configuration files.<br>#<br>general_use_session: no<br>#<br># This is used by the failed logins page. It states the default back time<br># in minutes.<br>#<br>general_most_recent_fl: 30<br><br>#<br># Realm setup<br>#<br># Set general_strip_realms to yes in order to stip realms from usernames.<br># By default realms are not striped<br>general_strip_realms: yes<br>#<br># The delimiter used in realms. Default is @<br>#<br>general_realm_delimiter: @<br>#<br># The format of the realms. Can be either suffix (realm is after the username)<br># or prefix (realm is before the username). Default is suffix<br>#<br>#<br>general_realm_format: suffix<br>#<br><br>#<br># Determines if the administrator will be able to see and change the user password through<br># the user edit page<br>general_show_user_password: yes<br><br>general_raddb_dir: %{general_radiusd_base_dir}/etc/raddb<br>general_ldap_attrmap: %{general_raddb_dir}/ldap.attrmap<br># Need to fix admin.conf file parser<br>#general_clients_conf: %{general_raddb_dir}/clients.conf<br>general_clients_conf: etc/raddb/clients.conf<br>general_sql_attrmap: %{general_base_dir}/conf/sql.attrmap<br>general_accounting_attrs_file: %{general_base_dir}/conf/accounting.attrs<br>general_extra_ldap_attrmap: %{general_base_dir}/conf/extra.ldap-attrmap<br>general_username_mappings_file: %{general_base_dir}/conf/username.mappings<br>#<br># it can be either ldap or sql<br># This affects the user base not accounting. Accounting is always in sql<br>#<br>general_lib_type: sql<br>#<br># Define which attributes will be visible in the user edit page<br>#<br>general_user_edit_attrs_file: %{general_base_dir}/conf/user_edit.attrs<br>#<br># Used by the Accounting Report Generator<br>#<br>general_sql_attrs_file: %{general_base_dir}/conf/sql.attrs<br>#<br># Set default values for various attributes<br>#<br>general_default_file: %{general_base_dir}/conf/default.vals<br>#general_ld_library_path: /usr/local/snmpd/lib<br>#<br># can be 'snmp' (for snmpfinger) or empty to query the radacct table without first<br># querying the nas<br># This is used by the online users page<br>#<br>general_finger_type: snmp<br>#<br># Defines the nas type. This is only used by snmpfinger<br># cisco, usrhiper and lucent are supported for now<br>#<br>general_nas_type: cisco<br>general_snmpfinger_bin: %{general_base_dir}/bin/snmpfinger<br>#<br># Used by the 'Disconnect User' button in the Clear Open Sessions page<br># Uses the Cisco AAA Session MIB or a telnet session<br>#<br>general_sessionclear_bin: %{general_base_dir}/bin/clearsession<br>#<br># Can be one of telnet or snmp<br>#<br>general_sessionclear_method: snmp<br>general_radclient_bin: %{general_radiusd_base_dir}/bin/radclient<br>#<br># this information is used from the server check page<br>#<br>general_test_account_login: test<br>general_test_account_password: testpass<br>#<br># These are used as default values for the user test page<br>#<br>general_radius_server: localhost<br>general_radius_server_port: 1812<br>#<br># can be either pap or chap<br>#<br>general_radius_server_auth_proto: chap<br>#<br># sorry, single valued for now. Should become something like<br># password[server-name]: xxxxx<br>#<br>general_radius_server_secret: XXXXXX<br>general_auth_request_file: %{general_base_dir}/conf/auth.request<br>#<br># can be one of crypt,md5,clear<br>#<br>general_encryption_method: clear<br>#<br># can be either asc (older dates first) or desc (recent dates first)<br># This is used in the user accounting and badusers pages<br>#<br>general_accounting_info_order: desc<br>#<br># Use the totacct table in the user statistics page instead of the radacct<br># table. That will make the page run quicker. totacct should have data for<br># this to work :-)<br>#<br>general_stats_use_totacct: no<br>#<br># If set to yes then we only allow each administrator to examine it's own entries<br># in the badusers table<br>#<br>general_restrict_badusers_access: no<br>#<br># If set to yes then we restrict access to the nas administration page only to those<br># users which are allowed by their username mapping (nasadmin is set to yes)<br>#<br>general_restrict_nasadmin_access: no<br><br><br>INCLUDE: %{general_base_dir}/conf/naslist.conf<br><br>INCLUDE: %{general_base_dir}/conf/captions.conf<br><br>#<br># The ldap server to connect to.<br># Both ldap_server and ldap_write_server can be a space-separated<br># list of ldap hostnames. In that case the library will try to connect<br># to the servers in the order that they appear. If the first host is down<br># ldap_connect will ask for the second ldap host and so on.<br>#<br>ldap_server: ldap.%{general_domain}<br>#<br># There are many cases where we have a small write master and<br># a lot of fast read only replicas. If that is the case uncomment<br># ldap_write_server and point it to the write master. It will be<br># used only when writing to the directory, not when reading<br>#<br>#ldap_write_server: master.%{general_domain}<br>ldap_base: dc=company,dc=com<br>ldap_binddn: cn=Directory Manager<br>ldap_bindpw: XXXXXXX<br>ldap_default_new_entry_suffix: ou=dialup,ou=guests,%{ldap_base}<br>ldap_default_dn: uid=default-dialup,%{ldap_base}<br>ldap_regular_profile_attr: dialupregularprofile<br>#<br># If set to yes then the HTTP credentials (http authentication)<br># will be used to bind to the ldap server instead of ldap_binddn<br># and ldap_bindpw. That way multiple admins with different rights<br># on the ldap database can connect through one dialup_admin interface.<br># The ldap_binddn and ldap_bindpw are still needed to find the DN<br># to bind with (http authentication will only provide us with a<br># username). As a result the ldap_binddn should be able to do a search<br># with a filter of (uid=<username>). Normally, the anonymous (empty DN)<br># user can do that.<br>#ldap_use_http_credentials: yes<br>#<br># If we are using http credentials we can map a specific username to the<br># directory manager (which usually does not correspond to a specific username)<br>#<br>#ldap_directory_manager: cn=Directory Manager<br>#ldap_map_to_directory_manager: admin<br>#<br># Uncomment to enable ldap debug<br>#<br>ldap_debug: true<br>#<br># Allow for defining the ldap filter used when searching for a user<br># Variables supported:<br># %u: username<br># %U: username provided though http authentication<br># %mu: mappings for userdb<br># %ma: mappings for accounting<br># %mn: mappings for nasdb<br># %mN: mappings for nas administration<br>#<br># One use of this would be to restrict access to only the user's belonging to<br># a specific administrator like this:<br># ldap_filter: (&(uid=%u)(manager=uid=%U,ou=admins,o=company,c=com))<br>#<br>#ldap_filter: (uid=%u)<br>#<br># If ldap_userdn is set then we use that for user dns, we don't perform an ldap<br># search. This can be somewhat faster. The variables supported for ldap_filter<br># are also supported here<br>#<br>#ldap_userdn: uid=%u,%{ldap_base}<br><br><br>#<br># can be one of mysql,pg,oracle,sqlrelay where:<br># mysq: MySQL database (port 3306)<br># pg: PostgreSQL database (port 5432)<br># oracle: Oracle database (port 1521)<br># sqlrelay: SQL Relay<br>#<br>sql_type: mysql<br>sql_server: localhost<br>sql_port: 3306<br>sql_username: root<br>sql_password: (sqlpassword)<br>sql_database: radius<br>sql_accounting_table: radacct<br>sql_badusers_table: badusers<br>sql_check_table: radcheck<br>sql_reply_table: radreply<br>sql_user_info_table: userinfo<br>sql_groupcheck_table: radgroupcheck<br>sql_groupreply_table: radgroupreply<br>sql_usergroup_table: usergroup<br>sql_total_accounting_table: totacct<br>sql_nas_table: nas<br>#<br># If set to true then we show all the available groups with the groups<br># that the user is a member of highlighted in the user edit page.<br># Otherwise we only show the groups he is a member of.<br>sql_show_all_groups: true<br>#<br># This variable is used by the scripts in the bin folder<br># It should contain the path to the sql binary used to run<br># sql commands (mysql, psql, oracle and sqlrelay are only supported for now)<br>sql_command: /usr/bin/mysql<br>#sql_command: /usr/bin/psql<br>#sql_command: /usr/bin/sqlplus<br>#<br># This variable is used by the scripts in the bin folder<br># It should contain the snmp type and path to the binary<br># used to run snmp commands.<br># (ucd = UCD-Snmp and net = Net-Snmp are only supported for now)<br>general_snmp_type: net<br>general_snmpwalk_command: /usr/local/bin/snmpwalk<br>general_snmpget_command: /usr/local/bin/snmpget<br>#<br># Uncomment to enable sql debug<br>#<br>sql_debug: true<br>#<br># If set to yes then the HTTP credentials (http authentication)<br># will be used to connect to the sql server instead of sql_username<br># and sql_password. That way multiple admins with different rights<br># on the sql database can connect through one dialup_admin interface.<br>sql_use_http_credentials: no<br>#<br># If set the query will be added to all of the queries on the accounting<br># table<br># Variables supported:<br># %u: username<br># %U: username provided though http authentication<br># %mu: mappings for userdb<br># %ma: mappings for accounting<br># %mn: mappings for nasdb<br># %mN: mappings for nas administration<br>#sql_accounting_extra_query: %ma<br><br><br>#<br># true or false<br>#<br>sql_use_user_info_table: true<br>sql_use_operators: true<br>#<br># Set this to the value of the default_user_profile in your<br># sql.conf if that one is set. If it is not set leave blank<br># or commented out<br>#sql_default_user_profile: DEFAULT<br>#<br>#<br>sql_password_attribute: User-Password<br>sql_date_format: Y-m-d<br>sql_full_date_format: Y-m-d H:i:s<br>#<br># Used in the accounting report generator so that we<br># don't return too many results<br>#<br>sql_row_limit: 40<br>#<br># These options are used by the log_badlogins script and by the<br># mysql driver<br>#<br># Set the sql connect timeout (secs)<br>sql_connect_timeout: 3<br># Give a space separated list of extra mysql servers to connect to when<br># logging bad logins or adding users in the badusers table<br>#sql_extra_servers: sql2.company.com sql3.company.com<br><br>#<br># Default values for the various user limits in case the counter module<br># is used to impose such limits.<br># The value should be the user limit in seconds or none for nothing<br># Check out conf/sql.attrmap or extra.ldap-attrmap (depending on if you are<br># using sql or ldap) for per user attributes. The mapping should be made to<br># the attributes configured in the counter module. The attributes used by<br># dialupadmin will always be the ones appearing in the attribute mapping files<br># so you should make sure they are mapped to the correct attributes<br>#<br>#counter_default_daily: 14400<br>#counter_default_weekly: 72000<br>counter_default_daily: none<br>counter_default_weekly: none<br>counter_default_monthly: none<br>#<br># Since calculating monthly usage can be quite expensive we make<br># it configurable<br># This is not needed if the monthly limit is not none<br>#counter_monthly_calculate_usage: true<b><br><br>I have inputted the following in httpd.conf</b><br><br>LoadModule php5_module modules/libphp5.so<br>#AddModule mod_php5.c - do I need to add this? currently commented out, because if it's uncommented and i restart httpd, I receive an error saying "Apache 1.3 configuration directives found please read /usr/share/doc/httpd-2.2.3/migration.html"<br>AddType application/x-httpd-php .php<br>AddType application/x-httpd-php .php3<br><br>Let me know if you need more info.<br><br>Thanks,<br><br>Shawky<br><br><hr id="stopSpelling">From: tim.sylvester@networkradius.com<br>To: freeradius-users@lists.freeradius.org<br>Subject: RE: Freeradius2 & Mysql<br>Date: Wed, 8 Sep 2010 22:14:30 -0700<br><br>
<meta http-equiv="Content-Type" content="text/html; charset=unicode">
<meta name="Generator" content="Microsoft SafeHTML">
<style>
.ExternalClass p.ecxMsoNormal, .ExternalClass li.ecxMsoNormal, .ExternalClass div.ecxMsoNormal
{margin-bottom:.0001pt;font-size:12.0pt;font-family:'Times New Roman','serif';}
.ExternalClass a:link, .ExternalClass span.ecxMsoHyperlink
{color:blue;text-decoration:underline;}
.ExternalClass a:visited, .ExternalClass span.ecxMsoHyperlinkFollowed
{color:purple;text-decoration:underline;}
.ExternalClass p.ecxMsoPlainText, .ExternalClass li.ecxMsoPlainText, .ExternalClass div.ecxMsoPlainText
{margin-bottom:.0001pt;font-size:10.5pt;font-family:Consolas;}
.ExternalClass p
{margin-right:0in;margin-left:0in;font-size:12.0pt;font-family:'Times New Roman','serif';}
.ExternalClass span.ecxEmailStyle18
{font-family:'Calibri','sans-serif';color:#1F497D;}
.ExternalClass span.ecxPlainTextChar
{font-family:Consolas;}
.ExternalClass .ecxMsoChpDefault
{font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;}
.ExternalClass div.ecxWordSection1
{page:WordSection1;}
.ExternalClass ol
{margin-bottom:0in;}
.ExternalClass ul
{margin-bottom:0in;}
</style>
<div class="ecxWordSection1">
<div style="border-width: medium medium medium 1.5pt; border-style: none none none solid; border-color: -moz-use-text-color -moz-use-text-color -moz-use-text-color blue; padding: 0in 0in 0in 4pt;">
<p class="ecxMsoNormal" style="margin-bottom: 12pt;"><span style="font-size: 10pt; font-family: 'Tahoma','sans-serif';"> [sql] expand: %{User-Name}
-> fredf<br>
[sql] sql_set_user escaped user --> 'fredf'<br>
rlm_sql (sql): Reserving sql socket id: 4<br>
[sql] expand: SELECT id, username, attribute, value,
op FROM
radcheck WHERE
username = '%{SQL-User-Name}'
ORDER BY id -> SELECT id, username, attribute, value,
op FROM
radcheck WHERE
username = 'fredf'
ORDER BY id<br>
[sql] User found in radcheck table<br>
[sql] expand: SELECT id, username, attribute, value,
op FROM
radreply WHERE
username = '%{SQL-User-Name}'
ORDER BY id -> SELECT id, username, attribute, value,
op FROM
radreply WHERE
username = 'fredf'
ORDER BY id<br>
[sql] expand: SELECT
groupname FROM
radusergroup WHERE
username = '%{SQL-User-Name}'
ORDER BY priority -> SELECT
groupname FROM
radusergroup WHERE
username = 'fredf'
ORDER BY priority<br>
[sql] expand: SELECT id, groupname,
attribute, Value,
op FROM
radgroupcheck WHERE
groupname =
'%{Sql-Group}'
ORDER BY id -> SELECT id, groupname,
attribute, Value,
op FROM
radgroupcheck WHERE
groupname =
'dynamic' ORDER BY
id<br>
rlm_sql_mysql: MYSQL check_error: 1146 received<br>
rlm_sql_getvpdata: database query error<br>
[sql] Error retrieving check pairs for group dynamic<br>
[sql] Error processing groups; rejecting user<br>
rlm_sql (sql): Released sql socket id: 4<br>
++[sql] returns fail<br>
<br>
<span style="color: rgb(31, 73, 125);"></span></span></p>
<p class="ecxMsoPlainText"><span style="font-size: 11pt; font-family: 'Calibri','sans-serif'; color: rgb(31, 73, 125);"><tim></span></p>
<p class="ecxMsoPlainText"><span style="font-size: 11pt; font-family: 'Calibri','sans-serif'; color: rgb(31, 73, 125);"> </span></p>
<p class="ecxMsoNormal" style="margin-bottom: 12pt;"><a name="error_er_no_such_table" target="_blank"></a><span style="font-size: 11pt; font-family: 'Calibri','sans-serif'; color: rgb(31, 73, 125);">From
the MySQL documentation:</span></p>
<p class="ecxMsoNormal" style="margin-bottom: 12pt;"><span style="font-size: 8.5pt; font-family: 'Helvetica','sans-serif';" lang="EN">Error: </span><b><span style="font-size: 8pt; font-family: 'Courier New'; color: rgb(2, 103, 137); background: none repeat scroll 0% 0% white;" lang="EN">1146</span></b><span style="font-size: 8.5pt; font-family: 'Helvetica','sans-serif';" lang="EN"> SQLSTATE:
</span><b><span style="font-size: 8pt; font-family: 'Courier New'; color: rgb(2, 103, 137); background: none repeat scroll 0% 0% white;" lang="EN">42S02</span></b><span style="font-size: 8.5pt; font-family: 'Helvetica','sans-serif';" lang="EN"> (<a href="http://dev.mysql.com/doc/refman/5.1/en/error-messages-server.html#error_er_no_such_table" target="_blank"><b><span style="font-size: 8pt; font-family: 'Courier New'; color: rgb(2, 103, 137); background: none repeat scroll 0% 0% white;">ER_NO_SUCH_TABLE</span></b></a>)
</span><span style="font-size: 11pt; font-family: 'Calibri','sans-serif'; color: rgb(31, 73, 125);" lang="EN"> </span><span style="font-size: 8.5pt; font-family: 'Helvetica','sans-serif';" lang="EN">Message: Table '%s.%s' doesn't exist </span><span style="font-size: 11pt; font-family: 'Calibri','sans-serif'; color: rgb(31, 73, 125);"></span></p>
<p class="ecxMsoPlainText">Use the MySQL client with the same user that FreeRADIUS
uses to connect to MySQL. Then try the query that FR sent to MySQL:</p>
<p class="ecxMsoPlainText"> </p>
<p class="ecxMsoPlainText">SELECT id, groupname, attribute, Value, op FROM
radgroupcheck WHERE groupname = 'dynamic' ORDER BY id;</p>
<p class="ecxMsoPlainText"> </p>
<p class="ecxMsoPlainText">You should get the same error – 1146 and message with
more information on the error.</p>
<p class="ecxMsoPlainText"> </p>
<p class="ecxMsoPlainText">Tim</p>
</div>
</div>
<br>-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html </body>
</html>