Freeradius-Users Digest, Vol 46, Issue 94
Shimon Weinreich
shimon at openu.ac.il
Wed Feb 25 08:02:17 CET 2009
Hey Tim,
Tnx for the quick answer. In the meantime I figured out my problem.
In 'users' file I commented out:
-----
# First setup all accounts to be checked against the UNIX /etc/passwd.
# (Unless a password was already given earlier in this file).
#
#DEFAULT Auth-Type = System
# Fall-Through = 1
-----
Which 'tells' Radius to authenticate with /etc/passwd.
Now localcheck works fine.
I have another problem. I enter a client with a secret in clients.conf file:
----
Client 192.168.10.10 {
secret = XXXXXXXX
shortname = Test
}
But while testing from Client 192.168.10.10 - I got:
---
rad_recv: Access-Request packet from host: 192.168.10.10:45931, id=56, length=53
Ignoring request from unknown client 192.168.10.10:45931
--- Walking the entire request list ---
Nothing to do. Sleeping until we see a request.
------------
Any hint??
-------
בברכה,
שמעון ויינרייך
האוניברסיטה הפתוחה
-----Original Message-----
From: freeradius-users-bounces+shimon=openu.ac.il at lists.freeradius.org [mailto:freeradius-users-bounces+shimon=openu.ac.il at lists.freeradius.org] On Behalf Of freeradius-users-request at lists.freeradius.org
Sent: Wednesday, February 25, 2009 8:45 AM
To: freeradius-users at lists.freeradius.org
Subject: Freeradius-Users Digest, Vol 46, Issue 94
Send Freeradius-Users mailing list submissions to
freeradius-users at lists.freeradius.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freeradius.org/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
freeradius-users-request at lists.freeradius.org
You can reach the person managing the list at
freeradius-users-owner at lists.freeradius.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."
Today's Topics:
1. auth: Failed to validate the user - NEED SOME HELP !
(Shimon Weinreich)
2. RE: auth: Failed to validate the user - NEED SOME HELP !
(Tim Sylvester)
----------------------------------------------------------------------
Message: 1
Date: Wed, 25 Feb 2009 08:35:38 +0200
From: "Shimon Weinreich" <shimon at openu.ac.il>
Subject: auth: Failed to validate the user - NEED SOME HELP !
To: <freeradius-users at lists.freeradius.org>
Message-ID: <A8DAF37AB05CA74C938F57DD1909576614360D at AMNON.openu.local>
Content-Type: text/plain; charset="windows-1255"
Hello,
My name is Shimon from the Open Univ. of Israel. I installed freeradius and I want the
Users to authenticate with /etc/raddb/users file NOT /etc/passwd file.
Below is a printout of /usr/sbin/radius ?X ?y
----------------------
rad_recv: Access-Request packet from host 127.0.0.1:54057, id=172, length=59
User-Name = "monitor"
User-Password = "XXXXXXXX"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1812
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "monitor", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry DEFAULT at line 152
users: Matched entry monitor at line 216
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
modcall[authenticate]: module "unix" returns notfound for request 0
modcall: leaving group authenticate (returns notfound) for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 172 to 127.0.0.1 port 54057
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 172 with timestamp 49a4e630
Nothing to do. Sleeping until we see a request.
-----------------------------------------------------
Can someone help me with defining radius NOT to authenticate with /etc/passwd
But with /etc/raddb/users file.
Tnx,
-------
?????,
????? ????????
??????????? ??????
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20090225/80a485a7/attachment.html>
------------------------------
Message: 2
Date: Tue, 24 Feb 2009 22:44:45 -0800
From: "Tim Sylvester" <tim.sylvester at networkradius.com>
Subject: RE: auth: Failed to validate the user - NEED SOME HELP !
To: "'FreeRadius users mailing list'"
<freeradius-users at lists.freeradius.org>
Message-ID: <49a4e8e4.1cef600a.10c5.ffff97ae at mx.google.com>
Content-Type: text/plain; charset="windows-1255"
Hi Shimon,
In the /usr/local/etc/raddb/sites-enabled/default file, comment out the unix
module.
#
# Pull crypt'd passwords from /etc/passwd or /etc/shadow,
# using the system API's to get the password. If you want
# to read /etc/passwd or /etc/shadow directly, see the
# passwd module in radiusd.conf.
#
# unix <--------- Comment out this line
Tim
From:
freeradius-users-bounces+tim.sylvester=networkradius.com at lists.freeradius.or
g
[mailto:freeradius-users-bounces+tim.sylvester=networkradius.com at lists.freer
adius.org] On Behalf Of Shimon Weinreich
Sent: Tuesday, February 24, 2009 10:36 PM
To: freeradius-users at lists.freeradius.org
Subject: auth: Failed to validate the user - NEED SOME HELP !
Hello,
My name is Shimon from the Open Univ. of Israel. I installed freeradius and
I want the
Users to authenticate with /etc/raddb/users file NOT /etc/passwd file.
Below is a printout of /usr/sbin/radius ?X ?y
----------------------
rad_recv: Access-Request packet from host 127.0.0.1:54057, id=172, length=59
User-Name = "monitor"
User-Password = "XXXXXXXX"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1812
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "monitor", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry DEFAULT at line 152
users: Matched entry monitor at line 216
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
modcall[authenticate]: module "unix" returns notfound for request 0
modcall: leaving group authenticate (returns notfound) for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 172 to 127.0.0.1 port 54057
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 172 with timestamp 49a4e630
Nothing to do. Sleeping until we see a request.
-----------------------------------------------------
Can someone help me with defining radius NOT to authenticate with
/etc/passwd
But with /etc/raddb/users file.
Tnx,
-------
?????,
????? ????????
??????????? ??????
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20090224/f12e7f85/attachment.html>
------------------------------
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
End of Freeradius-Users Digest, Vol 46, Issue 94
************************************************
More information about the Freeradius-Users
mailing list