Problem with authentication

Pablo Lucchetti pablo at lnx.org.ar
Fri Dec 14 04:43:12 CET 2007


Thanks a lot Ivan! Now is working fine.

Cheers,
Pablo



tnt at kalik.co.yu wrote:
> No. This is how default sql.conf looks like:
> 
> http://www.freeradius.org/radiusd/raddb/sql.conf
> 
> You have deleted all that makes this module function.
> 
> Ivan Kalik
> Kalik Informatika ISP
> 
> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
> 
>> That's all Ivan.
>>
>> tnt at kalik.co.yu wrote:
>>> Is that the whole sql.conf? Where are the queries?
>>>
>>> Ivan Kalik
>>> Kalik Informatika ISP
>>>
>>>
>>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>>
>>>> gessuttia:/etc/freeradius# vim sql.conf
>>>> sql {
>>>>         driver = "rlm_sql_mysql"
>>>>
>>>>         server = "127.0.0.1"
>>>>         login = "dbuser"
>>>>         password = "dbpass"
>>>>         radius_db = "radius"
>>>>
>>>> acct_table1 = "radacct"
>>>> acct_table2 = "radacct"
>>>>
>>>>        postauth_table = "radpostauth"
>>>>        authcheck_table = "radcheck"
>>>>        authreply_table = "radreply"
>>>>        groupcheck_table = "radgroupcheck"
>>>>        groupreply_table = "radgroupreply"
>>>>        usergroup_table = "usergroup"
>>>>
>>>> deletestalesessions = yes
>>>>
>>>> sqltrace = yes
>>>> sqltracefile = ${logdir}/sqltrace.sql
>>>>
>>>> num_sql_socks = 5
>>>> connect_failure_retry_delay = 60
>>>>
>>>> }
>>>> ~
>>>>
>>>>
>>>> tnt at kalik.co.yu wrote:
>>>>> sqltrace = yes?
>>>>>
>>>>> Ivan Kalik
>>>>> Kalik Informatika ISP
>>>>>
>>>>>
>>>>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>>>>
>>>>>> I tuned On sqltrace but nothing occurs :(
>>>>>>
>>>>>> mysql> select * from radreply;
>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>> | id | UserName  | Attribute         | op | Value         |
>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>> |  1 | test-user | Framed-IP-Address | =  | 192.168.1.109 |
>>>>>> |  2 | test-user | Framed-IP-Address | =  | 0.0.0.0       |
>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>> 2 rows in set (0.00 sec)
>>>>>>
>>>>>> mysql> select * from radcheck;
>>>>>> +----+-----------+---------------+----+-----------+
>>>>>> | id | UserName  | Attribute     | op | Value     |
>>>>>> +----+-----------+---------------+----+-----------+
>>>>>> |  1 | test-user | user-password | == | test-pass |
>>>>>> +----+-----------+---------------+----+-----------+
>>>>>> 1 row in set (0.00 sec)
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> tnt at kalik.co.yu wrote:
>>>>>>> Switch on sqltrace in sql.conf and see what happened with the queries.
>>>>>>> You do have a password for this user in radcheck table? You have posted
>>>>>>> just radreply table.
>>>>>>>
>>>>>>> Ivan Kalik
>>>>>>> Kalik Informatika ISP
>>>>>>>
>>>>>>>
>>>>>>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>>>>>>
>>>>>>>> rad_recv: Access-Request packet from host 192.168.1.109:1601, id=6, 
>>>>>>>> length=49
>>>>>>>>         User-Name = "test-user"
>>>>>>>>         User-Password = "test-pass"
>>>>>>>> rad_lowerpair:  User-Name now 'test-user'
>>>>>>>> rad_lowerpair:  User-Password now 'test-pass'
>>>>>>>> rad_rmspace_pair:  User-Name now 'test-user'
>>>>>>>> rad_rmspace_pair:  User-Password now 'test-pass'
>>>>>>>>   Processing the authorize section of radiusd.conf
>>>>>>>> modcall: entering group authorize for request 0
>>>>>>>>   modcall[authorize]: module "chap" returns noop for request 0
>>>>>>>>   modcall[authorize]: module "mschap" returns noop for request 0
>>>>>>>> radius_xlat:  ''
>>>>>>>> rlm_sql (sql): Reserving sql socket id: 4
>>>>>>>> rlm_sql (sql): SQL query error; rejecting user
>>>>>>>> rlm_sql (sql): Released sql socket id: 4
>>>>>>>>   modcall[authorize]: module "sql" returns fail for request 0
>>>>>>>> modcall: leaving group authorize (returns fail) for request 0
>>>>>>>> There was no response configured: rejecting request 0
>>>>>>>> Server rejecting request 0.
>>>>>>>> Sending Access-Reject of id 6 to 192.168.1.109 port 1601
>>>>>>>> Finished request 0
>>>>>>>> Going to the next request
>>>>>>>> --- Walking the entire request list ---
>>>>>>>> Waking up in 6 seconds...
>>>>>>>> --- Walking the entire request list ---
>>>>>>>> Cleaning up request 0 ID 6 with timestamp 47619d3f
>>>>>>>> Nothing to do.  Sleeping until we see a request.
>>>>>>>>
>>>>>>>>
>>>>>>>> tnt at kalik.co.yu wrote:
>>>>>>>>> OK. Capital X ==> radiusd -X. And send from the point the request is
>>>>>>>>> received - you can skip the server startup.
>>>>>>>>>
>>>>>>>>> Ivan Kalik
>>>>>>>>> Kalik Informatika ISP
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>>>>>>>>
>>>>>>>>>> gessuttia:~# freeradius -x
>>>>>>>>>> Starting - reading configuration files ...
>>>>>>>>>> Using deprecated naslist file.  Support for this will go away soon.
>>>>>>>>>> Module: Loaded PAP
>>>>>>>>>> Module: Instantiated pap (pap)
>>>>>>>>>> Module: Loaded CHAP
>>>>>>>>>> Module: Instantiated chap (chap)
>>>>>>>>>> Module: Loaded MS-CHAP
>>>>>>>>>> Module: Instantiated mschap (mschap)
>>>>>>>>>> Module: Loaded SQL
>>>>>>>>>> rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
>>>>>>>>>> rlm_sql (sql): Attempting to connect to root at 127.0.0.1:/radius
>>>>>>>>>> rlm_sql (sql): starting 0
>>>>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
>>>>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #0
>>>>>>>>>> rlm_sql (sql): Connected new DB handle, #0
>>>>>>>>>> rlm_sql (sql): starting 1
>>>>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
>>>>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #1
>>>>>>>>>> rlm_sql (sql): Connected new DB handle, #1
>>>>>>>>>> rlm_sql (sql): starting 2
>>>>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
>>>>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #2
>>>>>>>>>> rlm_sql (sql): Connected new DB handle, #2
>>>>>>>>>> rlm_sql (sql): starting 3
>>>>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
>>>>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #3
>>>>>>>>>> rlm_sql (sql): Connected new DB handle, #3
>>>>>>>>>> rlm_sql (sql): starting 4
>>>>>>>>>> rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
>>>>>>>>>> rlm_sql_mysql: Starting connect to MySQL server for #4
>>>>>>>>>> rlm_sql (sql): Connected new DB handle, #4
>>>>>>>>>> Module: Instantiated sql (sql)
>>>>>>>>>> Module: Loaded Acct-Unique-Session-Id
>>>>>>>>>> Module: Instantiated acct_unique (acct_unique)
>>>>>>>>>> Initializing the thread pool...
>>>>>>>>>> Listening on authentication *:1812
>>>>>>>>>> Listening on accounting *:1813
>>>>>>>>>> Ready to process requests.
>>>>>>>>>>
>>>>>>>>>> sql.conf
>>>>>>>>>>
>>>>>>>>>> sql {
>>>>>>>>>>         driver = "rlm_sql_mysql"
>>>>>>>>>>
>>>>>>>>>>         server = "127.0.0.1"
>>>>>>>>>>         login = "dbuser"
>>>>>>>>>>         password = "dbpass"
>>>>>>>>>>         radius_db = "radius"
>>>>>>>>>>
>>>>>>>>>> acct_table1 = "radacct"
>>>>>>>>>> acct_table2 = "radacct"
>>>>>>>>>>
>>>>>>>>>>        postauth_table = "radpostauth"
>>>>>>>>>>        authcheck_table = "radcheck"
>>>>>>>>>>        authreply_table = "radreply"
>>>>>>>>>>        groupcheck_table = "radgroupcheck"
>>>>>>>>>>        groupreply_table = "radgroupreply"
>>>>>>>>>>        usergroup_table = "usergroup"
>>>>>>>>>>
>>>>>>>>>> deletestalesessions = yes
>>>>>>>>>>
>>>>>>>>>> sqltrace = no
>>>>>>>>>> sqltracefile = ${logdir}/sqltrace.sql
>>>>>>>>>>
>>>>>>>>>> num_sql_socks = 5
>>>>>>>>>> connect_failure_retry_delay = 60
>>>>>>>>>>
>>>>>>>>>> }
>>>>>>>>>>
>>>>>>>>>> radreoply table
>>>>>>>>>>
>>>>>>>>>> mysql> select * from radreply;
>>>>>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>>>>>> | id | UserName  | Attribute         | op | Value         |
>>>>>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>>>>>> |  1 | test-user | Framed-IP-Address | =  | 192.168.1.109 |
>>>>>>>>>> |  2 | test-user | Framed-IP-Address | =  | 0.0.0.0       |
>>>>>>>>>> +----+-----------+-------------------+----+---------------+
>>>>>>>>>> 2 rows in set (0.00 sec)
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> tnt at kalik.co.yu wrote:
>>>>>>>>>>> Send radiusd -X output. Have you done something to sql.conf apart from
>>>>>>>>>>> database connection details?
>>>>>>>>>>>
>>>>>>>>>>> Ivan Kalik
>>>>>>>>>>> Kalik Informatika ISP
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Dana 13/12/2007, "Pablo Lucchetti" <pablo at lnx.org.ar> piše:
>>>>>>>>>>>
>>>>>>>>>>>> Hi,
>>>>>>>>>>>>
>>>>>>>>>>>> I've a Freeradius on a Debian Etch with Mysql but when I'm triying to
>>>>>>>>>>>> test with NTRadPing always got the same error.
>>>>>>>>>>>> The user already exists in database
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> rad_recv: Access-Request packet from host 192.168.1.109:4027, id=2,
>>>>>>>>>>>> length=49
>>>>>>>>>>>>        User-Name = "test-user"
>>>>>>>>>>>>        User-Password = "test-pass"
>>>>>>>>>>>> rlm_sql (sql): Reserving sql socket id: 4
>>>>>>>>>>>> rlm_sql (sql): SQL query error; rejecting user
>>>>>>>>>>>> rlm_sql (sql): Released sql socket id: 4
>>>>>>>>>>>> Sending Access-Reject of id 2 to 192.168.1.109 port 4027
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Any help please?
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks in advance,
>>>>>>>>>>>> Pablo
>>>>>>>>>>>> -
>>>>>>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> -
>>>>>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>>>>>>>>
>>>>>>>>>>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>>>>>>>>>>
>>>>>>>>>>> Este mensaje ha sido analizado con  NOD32 antivirus system
>>>>>>>>>>> http://www.nod32.com
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>> -
>>>>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>> -
>>>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>>>>>>
>>>>>>>>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>>>>>>>>
>>>>>>>>> Este mensaje ha sido analizado con  NOD32 antivirus system
>>>>>>>>> http://www.nod32.com
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>> -
>>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>>>>>>
>>>>>>>>
>>>>>>> -
>>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>>>>
>>>>>>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>>>>>>
>>>>>>> Este mensaje ha sido analizado con  NOD32 antivirus system
>>>>>>> http://www.nod32.com
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> -
>>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>>>>
>>>>>>
>>>>> -
>>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>>>
>>>>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>>>>
>>>>> Este mensaje ha sido analizado con  NOD32 antivirus system
>>>>> http://www.nod32.com
>>>>>
>>>>>
>>>>>
>>>> -
>>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>>>>
>>>>
>>> -
>>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>>
>>> __________ Información de NOD32, revisión 2721 (20071213) __________
>>>
>>> Este mensaje ha sido analizado con  NOD32 antivirus system
>>> http://www.nod32.com
>>>
>>>
>>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>>
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 
> __________ Información de NOD32, revisión 2722 (20071214) __________
> 
> Este mensaje ha sido analizado con  NOD32 antivirus system
> http://www.nod32.com
> 
> 
> 



More information about the Freeradius-Users mailing list