radgroupreply issue with freeradius,mysql and daloradius

Wed Jun 24 14:52:06 CEST 2009

Hello.
I am having problems getting the radgroupreply attributes to work.
radreply works fine when adding reply attributes to users.

Now i have a user defined that belongs to a group (for example. SSL).
This group has groupreply attributes rfc 2865. (Class).
But when trying with radtest it does not seem to check for groups..

SQL-conf:
mysql> select * from usergroup;
+----------+-----------+----------+
| UserName | GroupName | priority |
+----------+-----------+----------+
| ssluser  | SSL       |        1 | 
+----------+-----------+----------+
1 row in set (0.00 sec)

mysql> 
mysql> select * from radgroupreply;
+----+-----------+-----------+----+------------+
| id | groupname | attribute | op | value      |
+----+-----------+-----------+----+------------+
| 10 | SSL       | Class     | =  | ou=bblblbk | 
+----+-----------+-----------+----+------------+
1 row in set (0.00 sec)

radtest:
[root at centos]# radtest ssluser ssluser localhost 1812 testing123
Sending Access-Request of id 178 to 127.0.0.1 port 1812
        User-Name = "ssluser"
        User-Password = "ssluser"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=178,
length=20
[root at centos]# 

radiusd -X debug:

Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 47384, id=178,
length=59
        User-Name = "ssluser"
        User-Password = "ssluser"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 1812
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "ssluser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
[sql]   expand: %{User-Name} -> ssluser
[sql] sql_set_user escaped user --> 'ssluser'
rlm_sql (sql): Reserving sql socket id: 3
[sql]   expand: SELECT id, username, attribute, value, op          FROM
radcheck          WHERE username = BINARY '%{SQL-User-Name}'          ORDER
BY id -> SELECT id, username, attribute, value, op          FROM radcheck         
WHERE username = BINARY 'ssluser'          ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT id, username, attribute, value, op          FROM
radreply          WHERE username = BINARY '%{SQL-User-Name}'          ORDER
BY id -> SELECT id, username, attribute, value, op          FROM radreply         
WHERE username = BINARY 'ssluser'          ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup           WHERE
username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT
groupname           FROM radusergroup           WHERE username = 'ssluser'          
ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "ssluser"
[pap] Using clear text password "ssluser"
[pap] User authenticated successfully
++[pap] returns ok
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 178 to 127.0.0.1 port 47384
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 178 with timestamp +2
Ready to process requests.

I am probably missing something obvious here. Thankful for som help.
Regards
M

-- 
View this message in context: http://www.nabble.com/radgroupreply-issue-with-freeradius%2Cmysql-and-daloradius-tp24184189p24184189.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.