Dear Alan,
Thank you for your response, I feel really bad bothering everybody on the list with these basic questions but for some reason it just doesn't work yet:
I do have the "sql" module listed in the "authorize" section, when I login with the test user (which is in the Huntgroup) I get the following response:
rad_recv: Access-Request packet from host 192.168.56.2 port 55666, id=170, length=63
User-Name = "test"
User-Password = "radius"
NAS-Identifier = "TESTRN01701"
NAS-IP-Address = 192.168.56.2
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
sql_xlat
expand: %{User-Name} -> test
sql_set_user escaped user --> 'test'
expand: SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}' -> SELECT groupname FROM radhuntgroup WHERE nasipaddress='192.168.56.2'
rlm_sql (sql): Reserving sql socket id: 0
sql_xlat finished
rlm_sql (sql): Released sql socket id: 0
expand: %{sql:SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}'} -> site_a
++[reply] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[sql] expand: %{User-Name} -> test
[sql] sql_set_user escaped user --> 'test'
rlm_sql (sql): Reserving sql socket id: 4
[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'test' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'test' ORDER BY priority
[sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'site_a_admins' ORDER BY id
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "radius"
[pap] Using clear text password "radius"
[pap] User authenticated successfully
++[pap] returns ok
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
[reply_log] expand: %t -> Thu Sep 11 02:27:31 2014
++[reply_log] returns ok
Sending Access-Accept of id 170 to 192.168.56.2 port 55666
Juniper-Local-User-Name := "super-users"
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 2 ID 170 with timestamp +192
Ready to process requests.
When I try to logon with the test2 user (which is not in the Huntgroup) I get the following:
rad_recv: Access-Request packet from host 192.168.56.2 port 59531, id=109, length=64
User-Name = "test2"
User-Password = "radius"
NAS-Identifier = "TESTRN01701"
NAS-IP-Address = 192.168.56.2
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
sql_xlat
expand: %{User-Name} -> test2
sql_set_user escaped user --> 'test2'
expand: SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}' -> SELECT groupname FROM radhuntgroup WHERE nasipaddress='192.168.56.2'
rlm_sql (sql): Reserving sql socket id: 3
sql_xlat finished
rlm_sql (sql): Released sql socket id: 3
expand: %{sql:SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}'} -> site_a
++[reply] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test2", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[sql] expand: %{User-Name} -> test2
[sql] sql_set_user escaped user --> 'test2'
rlm_sql (sql): Reserving sql socket id: 2
[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test2' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'test2' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'test2' ORDER BY priority
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "radius"
[pap] Using clear text password "radius"
[pap] User authenticated successfully
++[pap] returns ok
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
[reply_log] expand: %t -> Thu Sep 11 02:30:39 2014
++[reply_log] returns ok
Sending Access-Accept of id 109 to 192.168.56.2 port 59531
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 3 ID 109 with timestamp +380
Ready to process requests.
Thanks in advance!