Bruno Kremel wrote:
My configuration is pretty much default except of enabling MySQL and setting paths and passwords to certificates (generated with make script in /etc/freeradius/certs, so they should be OK) and addresses of clients.
And what did you put in SQL?
expand: %{User-Name} -> pokus rlm_sql (sql): sql_set_user escaped user --> 'pokus' rlm_sql (sql): Reserving sql socket id: 3 expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'pokus' ORDER BY id rlm_sql (sql): User found in radcheck table expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'pokus' ORDER BY id expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'pokus' ORDER BY priority ... rad_check_password: Found Auth-Type Accept rad_check_password: Auth-Type = Accept, accepting the user
Why did you put "Auth-Type = Accept" in SQL? It's breaking the server. Delete it.
To me it seems that name/password was accepted so I have no clue where is the problem..
The password was NOT accepted. It was *ignored*. Alan DeKok.