Re: Authenticate users via AD and checking group membership:SOLVED
Thanks for that, can now see attributes being received by my NAS Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] Received EAP-TLV response. [peap] Success [peap] Using saved attributes from the original Access-Accept [eap] Freeing handler ++[eap] returns ok +- entering group post-auth {...} [sql] expand: %{User-Name} -> radman02 [sql] sql_set_user escaped user --> 'radman02' [sql] expand: %{User-Password} -> [sql] expand: %{Chap-Password} -> [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (us ername, pass, reply, authdate) VALUES ( 'radman02', '', 'Access-Accept', ' 2009-01-18 22:43:47') rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'radman02', '', 'Access-Accept', '2009-01-18 22:43:47') rlm_sql (sql): Reserving sql socket id: 1 rlm_sql (sql): Released sql socket id: 1 ++[sql] returns ok ++[exec] returns noop Sending Access-Accept of id 180 to 140.97.3.29 port 1645 Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "staff" Tunnel-Type:0 = VLAN User-Name = "radman02" MS-MPPE-Recv-Key = 0x467fedcc7b18167ddb432067c80db040b838295c47071a357e2d53785a2d2968 MS-MPPE-Send-Key = 0x8e6e1ce87235db5f65d5b7fdee69157be77cd18cd311416462dc1194e325de8f EAP-Message = 0x030c0004 Message-Authenticator = 0x00000000000000000000000000000000 Finished request 22. Going to the next request Waking up in 4.6 seconds.
participants (1)
-
Godfrey Peart