On Wednesday 31 March 2010 21:28:48 Alan DeKok wrote:
Bruno Kremel wrote:
My configuration is pretty much default except of enabling MySQL and setting paths and passwords to certificates (generated with make script in /etc/freeradius/certs, so they should be OK) and addresses of clients.
And what did you put in SQL?
expand: %{User-Name} -> pokus rlm_sql (sql): sql_set_user escaped user --> 'pokus' rlm_sql (sql): Reserving sql socket id: 3 expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'pokus' ORDER BY id rlm_sql (sql): User found in radcheck table expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'pokus' ORDER BY id expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'pokus' ORDER BY priority
...
rad_check_password: Found Auth-Type Accept rad_check_password: Auth-Type = Accept, accepting the user
Why did you put "Auth-Type = Accept" in SQL?
It's breaking the server. Delete it. What should be there? Beacuse I don't know I am using Daloradius web interafce for adding data to database, so I just loaded default daloradius sql which was intendet (according to readme od daloradius) for 2.X Freeradius... and added accounts in web interface...
To me it seems that name/password was accepted so I have no clue where is the problem..
The password was NOT accepted. It was *ignored*.
And what is that Accept-Accept on the end of the log?... also radtest gives me Accept-Accept only on correct login and password so I think that it's not that SQL...
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thank you for answer.