Max-All-Session counter module problem[SOLVED]
Hello all, Problem is solved. Actually it was due to radgroupcheck table. There I have inserted Max-All-Session as 90000. I deleted it and now the user can log in. Thank you Bishal Hi, I am posting the debug of another user who has same problem: rad_recv: Access-Request packet from host 202.79.xx.XX port 65050, id=12, length=189 NAS-Identifier = "pppoe-bhw." Acct-Session-Id = "1633129-mpd-pppoe-70" NAS-Port = 70 NAS-Port-Type = Ethernet Service-Type = Framed-User Framed-Protocol = PPP Calling-Station-Id = "0016768aaa28" Called-Station-Id = "WIFITEST" NAS-Port-Id = "rl0" Vendor-12341-Attr-12 = 0x6d70642d7070706f652d3730 Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Client-Endpoint:0 = "00:16:76:8a:aa:28" User-Name = "sneha" User-Password = "123" +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "sneha", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [sql] expand: %{User-Name} -> sneha [sql] sql_set_user escaped user --> 'sneha' rlm_sql (sql): Reserving sql socket id: 1 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'sneha' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'sneha' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'sneha' ORDER BY priority [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'Prepaid Hours' ORDER BY id [sql] User found in group Prepaid Hours [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'Prepaid Hours' ORDER BY id rlm_sql (sql): Released sql socket id: 1 ++[sql] returns ok [ldap] performing user authorization for sneha [ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [ldap] expand: (cn=%{Stripped-User-Name:-%{User-Name}}) -> (cn=sneha) [ldap] expand: ou=users,ou=radius,dc=resunganet,dc=com,dc=np -> ou=users,ou=radius,dc=resunganet,dc=com,dc=np rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=users,ou=radius,dc=resunganet,dc=com,dc=np, with filter (cn=sneha) [ldap] checking if remote access for sneha is allowed by dialupAccess [ldap] Added User-Password = {SSHA}zG7/cgoBWWNIVo7WtLMria1ui7GJAztI in check items [ldap] looking for check items in directory... [ldap] looking for reply items in directory... [ldap] user sneha authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}'' [noresetcounter] expand: SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='sneha' sqlcounter_expand: '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='sneha'}' [noresetcounter] sql_xlat [noresetcounter] expand: %{User-Name} -> sneha [noresetcounter] sql_set_user escaped user --> 'sneha' [noresetcounter] expand: SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='sneha' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='sneha' rlm_sql (sql): Reserving sql socket id: 0 [noresetcounter] sql_xlat finished rlm_sql (sql): Released sql socket id: 0 [noresetcounter] expand: %{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='sneha'} -> 90001 rlm_sqlcounter: (Check item - counter) is less than zero rlm_sqlcounter: Rejected user sneha, check_item=90000, counter=90001 ++[noresetcounter] returns reject Invalid user (rlm_sqlcounter: Maximum never usage time reached): [sneha] (from client pppoe-bhw port 70 cli 0016768aaa28) Using Post-Auth-Type Reject +- entering group REJECT {...} =================== check_item shows 90000 whereas I have updated the radcheck Max-All-Session Value by 180000 but still Reject with Maximum never usage time reached? radcheck table output of user sneha: 2901 | sneha | Max-All-Session | := | 180000 | Thank you Bishal
participants (1)
-
Bishal Pun