On 5 February 2010 18:34, Alan DeKok <aland@deployingradius.com> wrote:
3) Any pointers in the right direction to how to achieve what I am after?
See "man rlm_pap". You can use the "auto-header" thing, or just use MD5-Password directly:
# "users" file entry: bob MD5-Password := 0x12345... #
Thanks for your reply Alan :) This is where I'm stuck at the moment: rlm_sql_postgresql: affected rows = radius_xlat: 'SELECT radgroupreply.id, radgroupreply.GroupName, radgroupreply.Attribute, ??radgroupreply.Value, radgroupreply.Op ??FROM radgroupreply,usergroup ??WHERE usergroup.Username = 'frank' AND usergroup.GroupName = radgroupreply.GroupName ??ORDER BY radgroupreply.id' rlm_sql_postgresql: query: SELECT radgroupreply.id, radgroupreply.GroupName, radgroupreply.Attribute, ??radgroupreply.Value, radgroupreply.Op ??FROM radgroupreply,usergroup ??WHERE usergroup.Username = 'frank' AND usergroup.GroupName = radgroupreply.GroupName ??ORDER BY radgroupreply.id rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: affected rows = rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. The data in my SQL database: radius=> SELECT * FROM radcheck; id | username | attribute | op | value ----+----------+--------------+----+---------------------------------- 0 | frank | MD5-Password | := | aaabf0d39951f3e6c3e8a7911df524c2 (1 row) My radiusd.conf file is here: http://www.pastebin.ca/1789575 (Sorry, not sure about the accepted practise for sharing such a large file on this list) I forgot to mention in my first post that this is freeradius-1.1.3-1.5.el5_4 on CentOS 5.4. Do I need 2.1.8 for this MD5 stuff to work? I'd prefer to be able to use the distro's packages, but if I have to compile it to make it work then I don't really have a choice ;-)