Hey everyone, I've used an older version of FreeRADIUS before (I think 1.1.0) with mysql as a backend and all I had to do to authenticate users is have the following entry in radcheck table: | 1 | admin | Password | == | admin | although I see some errors when using radiusd -X and the error received is username/password not correct. The log from freeradius is: modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "admin", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 1 users: Matched entry DEFAULT at line 152 users: Matched entry DEFAULT at line 171 users: Matched entry DEFAULT at line 183 modcall[authorize]: module "files" returns ok for request 1 radius_xlat: 'admin' rlm_sql (sql): sql_set_user escaped user --> 'admin' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'admin' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName, radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'admin' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'admin' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName, radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'admin' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns ok for request 1 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 1 rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}'' radius_xlat: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin'' sqlcounter_expand: '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin'}' radius_xlat: Running registered xlat function of module sql for string 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin'' rlm_sql (sql): - sql_xlat radius_xlat: 'admin' rlm_sql (sql): sql_set_user escaped user --> 'admin' radius_xlat: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='admin'' rlm_sql (sql): Reserving sql socket id: 1 rlm_sql (sql): - sql_xlat finished rlm_sql (sql): Released sql socket id: 1 radius_xlat: '27' rlm_sqlcounter: (Check item - counter) is greater than zero rlm_sqlcounter: Authorized user admin, check_item=86400, counter=27 rlm_sqlcounter: Sent Reply-Item for user admin, Type=Session-Timeout, value=300 modcall[authorize]: module "noresetcounter" returns ok for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "monthlycounter" returns noop for request 1 modcall: leaving group authorize (returns ok) for request 1 rad_check_password: Found Auth-Type System auth: type "System" ERROR: Unknown value specified for Auth-Type. Cannot perform requested action. auth: Failed to validate the user. Login incorrect: [admin/admin] (from client localhost port 1) Delaying request 1 for 1 seconds Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... It mentions some error about Auth-Type so I added another entry for that user in the table which is: | 2 | admin | Auth-Type | := | Local | And then it works fine. My question is why does it require the Auth-Type entry to be added? I've used freeradius with mysql before without having to enter an Auth-Type entry for each user in the radcheck table. My radiusd.conf authenticate { } section has no sql mentioning there. Could that be it? Thanks in advance, Liran.