Hello, Please see screenshot. Mustafa. ________________________________ From: mustafa mujahid <mustafa.mujahid@outlook.com> Sent: Monday, March 6, 2017 10:38 PM To: freeradius-users@lists.freeradius.org Subject: Unable to find user in DB. Hello all, I've been trying to get LAN authentication working on a test radius server v2.2.8 and have run into a problem. My server can't seem to find the user in database. I have verified the exact same query on th DB and it returns the correct query result but somehow radius is unable to find the user. Please see below the debug output : ... adding new socket proxy address * port 41532 Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on command file /var/log/radius/run/radiusd/radiusd.sock Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 10.10.99.5 port 1645, id=84, length=166 User-Name = "test.user" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "F4-1F-C2-29-F2-04" Calling-Station-Id = "5C-B9-01-82-7F-64" EAP-Message = 0x02010015017a65657368616e2e6368617564617279 Message-Authenticator = 0xef5d9c130e4c84779ee2942be69f84ac NAS-Port-Type = Ethernet NAS-Port = 50004 NAS-Port-Id = "FastEthernet0/4" NAS-IP-Address = 10.10.99.5 # Executing section authorize from file /etc/raddb/sites-enabled/default +group authorize { ++[preprocess] = ok ++[digest] = noop [suffix] No '@' in User-Name = "test.user", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] = noop [sql] expand: %{User-Name} -> test.user [sql] sql_set_user escaped user --> 'test.user' rlm_sql (sql): Reserving sql socket id: 4 [sql] expand: SELECT id,UserName,Attribute,Value,op FROM backup.radcheck_office_replica where username = '%{SQL-User-Name}' order by id -> SELECT id,UserName,Attribute,Value,op FROM backup.radcheck_office_replica where username = 'test.user' order by id rlm_sql (sql): Released sql socket id: 4 [sql] User test.user not found ++[sql] = notfound ++[expiration] = noop ++[logintime] = noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] = noop +} # group authorize = ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Login incorrect: [test.user] (from client ops-switch port 50004 cli 5C-B9-01-82-7F-64) Using Post-Auth-Type Reject # Executing group from file /etc/raddb/sites-enabled/default +group REJECT { [sql] expand: %{User-Name} -> test.user [sql] sql_set_user escaped user --> 'test.user' ++[sql] = noop +} # group REJECT = noop Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 84 to 10.10.99.5 port 1645 Waking up in 4.9 seconds. Cleaning up request 0 ID 84 with timestamp +40 Ready to process requests. But when the exact same query is run on the DB it returns positive results. please see attached screen shot from DB. Currently my sql.conf file only contains : authorize_check_query ="SELECT id,UserName,Attribute,Value,op FROM ${authcheck_table} where username = '%{SQL-User-Name}' order by id" and queries for accounting but they are not of concern as I only need authentication from this radius so I can match MAC Address against user name, but that comes after. I'm stuck at the first stage. I don't understand what the issue might be . Kindly let me know if I'm missing something or if further information is required. Any help on this would be greatly appreciated. -- Mustafa