Problem with authentication
tnt at kalik.co.yu
tnt at kalik.co.yu
Thu Dec 13 23:41:57 CET 2007
Is that the whole sql.conf? Where are the queries?
Ivan Kalik
Kalik Informatika ISP
Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>gessuttia:/etc/freeradius# vim sql.conf
>sql {
> driver = "rlm_sql_mysql"
>
> server = "127.0.0.1"
> login = "dbuser"
> password = "dbpass"
> radius_db = "radius"
>
>acct_table1 = "radacct"
>acct_table2 = "radacct"
>
> postauth_table = "radpostauth"
> authcheck_table = "radcheck"
> authreply_table = "radreply"
> groupcheck_table = "radgroupcheck"
> groupreply_table = "radgroupreply"
> usergroup_table = "usergroup"
>
>deletestalesessions = yes
>
>sqltrace = yes
>sqltracefile = ${logdir}/sqltrace.sql
>
>num_sql_socks = 5
>connect_failure_retry_delay = 60
>
>}
>~
>
>
>tnt at kalik.co.yu wrote:
>> sqltrace = yes?
>>
>> Ivan Kalik
>> Kalik Informatika ISP
>>
>>
>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>
>>> I tuned On sqltrace but nothing occurs :(
>>>
>>> mysql> select * from radreply;
>>> +----+-----------+-------------------+----+---------------+
>>> | id | UserName | Attribute | op | Value |
>>> +----+-----------+-------------------+----+---------------+
>>> | 1 | test-user | Framed-IP-Address | = | 192.168.1.109 |
>>> | 2 | test-user | Framed-IP-Address | = | 0.0.0.0 |
>>> +----+-----------+-------------------+----+---------------+
>>> 2 rows in set (0.00 sec)
>>>
>>> mysql> select * from radcheck;
>>> +----+-----------+---------------+----+-----------+
>>> | id | UserName | Attribute | op | Value |
>>> +----+-----------+---------------+----+-----------+
>>> | 1 | test-user | user-password | == | test-pass |
>>> +----+-----------+---------------+----+-----------+
>>> 1 row in set (0.00 sec)
>>>
>>>
>>>
>>>
>>>
>>>
>>> tnt at kalik.co.yu wrote:
>>>> Switch on sqltrace in sql.conf and see what happened with the queries.
>>>> You do have a password for this user in radcheck table? You have posted
>>>> just radreply table.
>>>>
>>>> Ivan Kalik
>>>> Kalik Informatika ISP
>>>>
>>>>
>>>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>>>
>>>>> rad_recv: Access-Request packet from host 192.168.1.109:1601, id=6,
>>>>> length=49
>>>>> User-Name = "test-user"
>>>>> User-Password = "test-pass"
>>>>> rad_lowerpair: User-Name now 'test-user'
>>>>> rad_lowerpair: User-Password now 'test-pass'
>>>>> rad_rmspace_pair: User-Name now 'test-user'
>>>>> rad_rmspace_pair: User-Password now 'test-pass'
>>>>> Processing the authorize section of radiusd.conf
>>>>> modcall: entering group authorize for request 0
>>>>> modcall[authorize]: module "chap" returns noop for request 0
>>>>> modcall[authorize]: module "mschap" returns noop for request 0
>>>>> radius_xlat: ''
>>>>> rlm_sql (sql): Reserving sql socket id: 4
>>>>> rlm_sql (sql): SQL query error; rejecting user
>>>>> rlm_sql (sql): Released sql socket id: 4
>>>>> modcall[authorize]: module "sql" returns fail for request 0
>>>>> modcall: leaving group authorize (returns fail) for request 0
>>>>> There was no response configured: rejecting request 0
>>>>> Server rejecting request 0.
>>>>> Sending Access-Reject of id 6 to 192.168.1.109 port 1601
>>>>> Finished request 0
>>>>> Going to the next request
>>>>> --- Walking the entire request list ---
>>>>> Waking up in 6 seconds...
>>>>> --- Walking the entire request list ---
>>>>> Cleaning up request 0 ID 6 with timestamp 47619d3f
>>>>> Nothing to do. Sleeping until we see a request.
>>>>>
>>>>>
>>>>> tnt at kalik.co.yu wrote:
>>>>>> OK. Capital X ==> radiusd -X. And send from the point the request is
>>>>>> received - you can skip the server startup.
>>>>>>
>>>>>> Ivan Kalik
>>>>>> Kalik Informatika ISP
>>>>>>
>>>>>>
>>>>>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>>>>>
>>>>>>> gessuttia:~# freeradius -x
>>>>>>> Starting - reading configuration files ...
>>>>>>> Using deprecated naslist file. Support for this will go away soon.
>>>>>>> Module: Loaded PAP
>>>>>>> Module: Instantiated pap (pap)
>>>>>>> Module: Loaded CHAP
>>>>>>> Module: Instantiated chap (chap)
>>>>>>> Module: Loaded MS-CHAP
>>>>>>> Module: Instantiated mschap (mschap)
>>>>>>> Module: Loaded SQL
>>>>>>> rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
>>>>>>> rlm_sql (sql): Attempting to connect to root at 127.0.0.1:/radius
>>>>>>> rlm_sql (sql): starting 0
>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #0
>>>>>>> rlm_sql (sql): Connected new DB handle, #0
>>>>>>> rlm_sql (sql): starting 1
>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #1
>>>>>>> rlm_sql (sql): Connected new DB handle, #1
>>>>>>> rlm_sql (sql): starting 2
>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #2
>>>>>>> rlm_sql (sql): Connected new DB handle, #2
>>>>>>> rlm_sql (sql): starting 3
>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #3
>>>>>>> rlm_sql (sql): Connected new DB handle, #3
>>>>>>> rlm_sql (sql): starting 4
>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #4
>>>>>>> rlm_sql (sql): Connected new DB handle, #4
>>>>>>> Module: Instantiated sql (sql)
>>>>>>> Module: Loaded Acct-Unique-Session-Id
>>>>>>> Module: Instantiated acct_unique (acct_unique)
>>>>>>> Initializing the thread pool...
>>>>>>> Listening on authentication *:1812
>>>>>>> Listening on accounting *:1813
>>>>>>> Ready to process requests.
>>>>>>>
>>>>>>> sql.conf
>>>>>>>
>>>>>>> sql {
>>>>>>> driver = "rlm_sql_mysql"
>>>>>>>
>>>>>>> server = "127.0.0.1"
>>>>>>> login = "dbuser"
>>>>>>> password = "dbpass"
>>>>>>> radius_db = "radius"
>>>>>>>
>>>>>>> acct_table1 = "radacct"
>>>>>>> acct_table2 = "radacct"
>>>>>>>
>>>>>>> postauth_table = "radpostauth"
>>>>>>> authcheck_table = "radcheck"
>>>>>>> authreply_table = "radreply"
>>>>>>> groupcheck_table = "radgroupcheck"
>>>>>>> groupreply_table = "radgroupreply"
>>>>>>> usergroup_table = "usergroup"
>>>>>>>
>>>>>>> deletestalesessions = yes
>>>>>>>
>>>>>>> sqltrace = no
>>>>>>> sqltracefile = ${logdir}/sqltrace.sql
>>>>>>>
>>>>>>> num_sql_socks = 5
>>>>>>> connect_failure_retry_delay = 60
>>>>>>>
>>>>>>> }
>>>>>>>
>>>>>>> radreoply table
>>>>>>>
>>>>>>> mysql> select * from radreply;
>>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>>> | id | UserName | Attribute | op | Value |
>>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>>> | 1 | test-user | Framed-IP-Address | = | 192.168.1.109 |
>>>>>>> | 2 | test-user | Framed-IP-Address | = | 0.0.0.0 |
>>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>>> 2 rows in set (0.00 sec)
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> tnt at kalik.co.yu wrote:
>>>>>>>> Send radiusd -X output. Have you done something to sql.conf apart from
>>>>>>>> database connection details?
>>>>>>>>
>>>>>>>> Ivan Kalik
>>>>>>>> Kalik Informatika ISP
>>>>>>>>
>>>>>>>>
>>>>>>>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> I've a Freeradius on a Debian Etch with Mysql but when I'm triying to
>>>>>>>>> test with NTRadPing always got the same error.
>>>>>>>>> The user already exists in database
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> rad_recv: Access-Request packet from host 192.168.1.109:4027, id=2,
>>>>>>>>> length=49
>>>>>>>>> User-Name = "test-user"
>>>>>>>>> User-Password = "test-pass"
>>>>>>>>> rlm_sql (sql): Reserving sql socket id: 4
>>>>>>>>> rlm_sql (sql): SQL query error; rejecting user
>>>>>>>>> rlm_sql (sql): Released sql socket id: 4
>>>>>>>>> Sending Access-Reject of id 2 to 192.168.1.109 port 4027
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Any help please?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks in advance,
>>>>>>>>> Pablo
>>>>>>>>> -
>>>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>>>>>>>
>>>>>>>>>
>>>>>>>> -
>>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>>>>>
>>>>>>>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>>>>>>>
>>>>>>>> Este mensaje ha sido analizado con NOD32 antivirus system
>>>>>>>> http://www.nod32.com
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> -
>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>>>>>
>>>>>>>
>>>>>> -
>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>>>
>>>>>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>>>>>
>>>>>> Este mensaje ha sido analizado con NOD32 antivirus system
>>>>>> http://www.nod32.com
>>>>>>
>>>>>>
>>>>>>
>>>>> -
>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>>>
>>>>>
>>>> -
>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>
>>>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>>>
>>>> Este mensaje ha sido analizado con NOD32 antivirus system
>>>> http://www.nod32.com
>>>>
>>>>
>>>>
>>> -
>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>
>>>
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>
>> Este mensaje ha sido analizado con NOD32 antivirus system
>> http://www.nod32.com
>>
>>
>>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list