How to make an open auth realm?
Alan DeKok
aland at deployingradius.com
Wed Feb 10 15:45:08 CET 2010
Marcin S. wrote:
> I have add to my sql.conf lines that give something like this when there
> is no such user in databese:
>
> authorize_check_query = "call rad1('%{User-Name}');" gives
> +-----+----------+-----------+--------+----+
> | id | UserName | Attribute | Value | op |
> +-----+----------+-----------+--------+----+
> | 001 | someone | Auth-Type | Accept | == |
> +-----+----------+-----------+--------+----+
Read doc/rlm_sql for the meaning of the operators.
> in radius logs a get:
Could you explain why you're not using debug mode?
> Wed Feb 10 15:29:15 2010 : Auth: Login OK: [someone/<via Auth-Type =
> mschap>] (from client router port 307 cli 00:21:00:11:90:58)
> but in windows I get error 778 cannot verify server identity
>
> Can you send me a clue? What I do wrong?
You haven't given the debug log which contains the authentication
protocol.
My *guess* is that you're doing MS-CHAP. You CANNOT just return
Access-Accept. The Windows machine won't like it. It's impossible.
Alan DeKok.
More information about the Freeradius-Users
mailing list