On Fri, 2009-08-28 at 11:51 +0100, Ivan Kalik wrote:
On Fri, 2009-08-28 at 11:26 +0100, Ivan Kalik wrote:
1. You are using 1.x queries in a 2.x server. Fix that.
2. That user was found as system user as well and unix module is enabled. You likely have different password in /etc/passwd. Make sure you provide only one password to the server.
Here's what I'm getting with a newly made user and the 2.x queries set up: ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = "Nshadur", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop rlm_eap: No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop expand: %{User-Name} -> Nshadur rlm_sql (sql): sql_set_user escaped user --> 'Nshadur' rlm_sql (sql): sql_set_user escaped user --> 'Nshadur' rlm_sql (sql): Reserving sql socket id: 4 expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'Nshadur' ORDER BY id +-----+----------+--------------------+-----------------+------+ | id | username | attribute | value | op | +-----+----------+--------------------+-----------------+------+ | 347 | Nshadur | Cleartext-Password | foo | := | +-----+----------+--------------------+-----------------+------+ rlm_sql (sql): User found in radcheck table expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'Nshadur' ORDER BY id +----+----------+---------------+-------+------+ | id | username | attribute | value | op | +----+----------+---------------+-------+------+ | 98 | Nshadur | Giganews-mbpm | 50000 | := | +----+----------+---------------+-------+------+ expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'Nshadur' ORDER BY priority +-----------+ | groupname | +-----------+ | news | +-----------+ expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'news' ORDER BY id +----+-----------+----------------+-------+------+ | id | groupname | attribute | Value | op | +----+-----------+----------------+-------+------+ | 8 | news | Huntgroup-Name | news | == | +----+-----------+----------------+-------+------+ rlm_sql (sql): User found in group news expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'news' ORDER BY id +----+-----------+---------------+-------+------+ | id | groupname | attribute | value | op | +----+-----------+---------------+-------+------+ | 27 | news | Giganews-mbpm | 512 | := | +----+-----------+---------------+-------+------+ rlm_sql (sql): Released sql socket id: 4 ++[sql] returns ok ++[pap] returns updated rad_check_password: Found Auth-Type auth: type "PAP" +- entering group PAP rlm_pap: login attempt with password "foo" rlm_pap: No password configured for the user. Cannot do authentication ++[pap] returns fail auth: Failed to validate the user. Login incorrect: [Nshadur/foo] (from client giganews port 1) The "No password configured for the user" line has me stumped, personally...
Ivan Kalik Kalik Informatika ISP