Upgrading from 1.0.2 to 2.0.0 problems

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Thu Jan 17 01:11:41 CET 2008 

Hi,

the first request looks like this.....NOTE the test order...

> rad_recv: Access-Request packet from host 192.168.1.64 port 32775, id=35, 
>         User-Name = "test"
> +- entering group authorize
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
> ++[unix] returns updated
    ^^^^^^^^^^^^^^^^^^^^^^^

> ++[suffix] returns noop
> ++[files] returns ok
> ++[expiration] returns noop
> ++[logintime] returns noop
> ++[pap] returns updated
>   rad_check_password:  Found Auth-Type
> auth: type "PAP"
> +- entering group PAP
> rlm_pap: login attempt with password "mytest4"
> rlm_pap: Using CRYPT encryption.
> rlm_pap: User authenticated successfully
> ++[pap] returns ok
> Login OK: [test/mytest4] (from client flyer port 0)

second test looks like this:

> rad_recv: Access-Request packet from host 192.168.1.64 port 32775, id=43, 
>         User-Name = "test at netonecom.net"
> +- entering group authorize
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
> ++[unix] returns notfound
^^^^^^^^^^^^^^^^^^^^^^^^^^^

>     rlm_realm: Looking up realm "netonecom.net" for User-Name 
> = "test at netonecom.net"
>     rlm_realm: Found realm "netonecom.net"
>     rlm_realm: Adding Stripped-User-Name = "test"
>     rlm_realm: Proxying request from user test to realm netonecom.net
>     rlm_realm: Adding Realm = "netonecom.net"
>     rlm_realm: Authentication realm is LOCAL.
> ++[suffix] returns noop
> WARNING: Deprecated conditional expansion ":-".  See "man unlang" for details
>         expand: %{Stripped-User-Name:-%{User-Name}} -> test
>     users: Matched entry DEFAULT at line 172
> ++[files] returns ok
> ++[expiration] returns noop
> ++[logintime] returns noop
> rlm_pap: WARNING! No "known good" password found for the user.  Authentication 
> may fail because of this.
> ++[pap] returns noop
> auth: No authenticate method (Auth-Type) configuration found for the request: 
> Rejecting the user

you are calling the unix auth module before suffix - therefore the magic
hasnt yet happened. I'd try putting the unix module after the modules
that play around with User-Name 

alan

More information about the Freeradius-Users mailing list