Hi everybody !<br><br>I've configured freeradius with an ldap backend. I had to create new attributes that are sent correctly in the reply. But when i try to put these attributes in the "update coa", the value of these variable are empty. I've tried the syntax %<reply>Attribute-Name but it's still empty. Here the debug output if someone can give me a hint :<br>
<br> ... adding new socket proxy address * port 54865<br> ... adding new socket proxy address * port 44764<br>Listening on authentication address * port 1812<br>Listening on accounting address * port 1813<br>Listening on proxy address * port 1814<br>
Ready to process requests.<br>rad_recv: Access-Request packet from host 127.0.0.1 port 43501, id=62, length=93<br> User-Name = "testuser"<br> User-Password = "mypasswd"<br> NAS-IP-Address = 172.20.13.27<br>
NAS-Port = 0<br> Framed-IP-Address = 192.168.1.5<br> Acct-Session-Id = "539848"<br> Message-Authenticator = 0x92985a75e680a1d422ceb47ba117ea62<br># Executing section authorize from file /etc/freeradius/sites-enabled/wol<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>[chocoldap] performing user authorization for testuser<br>[chocoldap] expand: %{Stripped-User-Name} -> <br>[chocoldap] ... expanding second conditional<br>
[chocoldap] expand: %{User-Name} -> testuser<br>[chocoldap] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=testuser)<br>[chocoldap] expand: ou=wol,dc=labingesys,dc=lan -> ou=wol,dc=labingesys,dc=lan<br>
[chocoldap] ldap_get_conn: Checking Id: 0<br> [chocoldap] ldap_get_conn: Got Id: 0<br> [chocoldap] attempting LDAP reconnection<br> [chocoldap] (re)connect to <a href="http://172.20.13.25:389">172.20.13.25:389</a>, authentication 0<br>
[chocoldap] bind as cn=admin,dc=labingesys,dc=lan/chocolab to <a href="http://172.20.13.25:389">172.20.13.25:389</a><br> [chocoldap] waiting for bind result ...<br> [chocoldap] Bind was successful<br> [chocoldap] performing search in ou=wol,dc=labingesys,dc=lan, with filter (uid=testuser)<br>
[chocoldap] checking if remote access for testuser is allowed by uid<br>[chocoldap] Added User-Password = mypasswd in check items<br>[chocoldap] No default NMAS login sequence<br>[chocoldap] looking for check items in directory...<br>
[chocoldap] userPassword -> Password-With-Header == "mypasswd"<br>[chocoldap] looking for reply items in directory...<br> [chocoldap] AlcSLAProfStr -> Alc-SLA-Prof-Str = "sla-profile2"<br> [chocoldap] AlcSubscProfStr -> Alc-Subsc-Prof-Str = "sub-profile1"<br>
[chocoldap] user testuser authorized to use remote access<br> [chocoldap] ldap_release_conn: Release Id: 0<br>++[chocoldap] returns ok<br>++[chap] returns noop<br>[pap] Config already contains "known good" password. Ignoring Password-With-Header<br>
++[pap] returns updated<br> expand: %{User-Name} -> testuser<br> expand: %{Acct-Session-Id} -> 539848<br> expand: %{NAS-IP-Address} -> 172.20.13.27<br> expand: %{Framed-IP-Address} -> 192.168.1.5<br>
expand: %{Alc-Subsc-Prof-Str#} -> <br> expand: %{Alc-SLA-Prof-Str} -> <br>++[coa] returns updated<br>Found Auth-Type = PAP<br>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!<br>
!!! Replacing User-Password in config items with Cleartext-Password. !!!<br>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!<br>!!! Please update your configuration so that the "known good" !!!<br>
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!<br>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!<br># Executing group from file /etc/freeradius/sites-enabled/wol<br>
+- entering group PAP {...}<br>[pap] login attempt with password "mypasswd"<br>[pap] Using clear text password "mypasswd"<br>[pap] User authenticated successfully<br>++[pap] returns ok<br># Executing section post-auth from file /etc/freeradius/sites-enabled/wol<br>
+- entering group post-auth {...}<br>++[chocoldap] returns noop<br>Sending Access-Accept of id 62 to 127.0.0.1 port 43501<br> Alc-SLA-Prof-Str = "sla-profile2"<br> Alc-Subsc-Prof-Str = "sub-profile1"<br>
# Executing section pre-proxy from file /etc/freeradius/sites-enabled/wol<br>+- entering group pre-proxy {...}<br>[pre_proxy_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d -> /var/log/freeradius/radacct/<a href="http://127.0.0.1/pre-proxy-detail-20120829">127.0.0.1/pre-proxy-detail-20120829</a><br>
[pre_proxy_log] /var/log/freeradius/radacct/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d expands to /var/log/freeradius/radacct/<a href="http://127.0.0.1/pre-proxy-detail-20120829">127.0.0.1/pre-proxy-detail-20120829</a><br>
[pre_proxy_log] expand: %t -> Wed Aug 29 14:12:29 2012<br>++[pre_proxy_log] returns ok<br>Sending CoA-Request of id 238 to 80.236.127.146 port 3799<br> User-Name = "testuser"<br> Acct-Session-Id = "539848"<br>
NAS-IP-Address = 172.20.13.27<br> Framed-IP-Address = 192.168.1.5<br> Alc-Subsc-Prof-Str = ""<br> Alc-SLA-Prof-Str = ""<br>Finished request 0.<br>Going to the next request<br>Waking up in 1.9 seconds.<br>
Sending CoA-Request of id 238 to 80.236.127.146 port 3799<br> User-Name = "testuser"<br> Acct-Session-Id = "539848"<br> NAS-IP-Address = 172.20.13.27<br> Framed-IP-Address = 192.168.1.5<br>
Alc-Subsc-Prof-Str = ""<br> Alc-SLA-Prof-Str = ""<br>Waking up in 3.0 seconds.<br>Cleaning up request 0 ID 62 with timestamp +9<br>Waking up in 0.7 seconds.<br>Sending CoA-Request of id 238 to 80.236.127.146 port 3799<br>
User-Name = "testuser"<br> Acct-Session-Id = "539848"<br> NAS-IP-Address = 172.20.13.27<br> Framed-IP-Address = 192.168.1.5<br> Alc-Subsc-Prof-Str = ""<br> Alc-SLA-Prof-Str = ""<br>
Waking up in 7.6 seconds<br><br>Thanks<br>