Invalid User in RADIUS Logs
Fajar A. Nugraha
list at fajar.net
Thu Dec 15 02:36:40 CET 2011
On Thu, Dec 15, 2011 at 6:58 AM, Det Det <det.explorer at yahoo.com> wrote:
> Hi,
>
> Thanks!
>
> Is there a way that I can set log level in RADIUS to make it log like when
> in debug mode? Coz I cannot trace exactly what causes the 'Invalid user' log
> in RADIUS. I have already confirmed that for this case it is not the
> password. So now, I'm left to look into other causes.
One was is to just run in it debug mode. Another way is to tun it with
one or more "-x" (see "man radiusd").
Yet another way, from radiusd.conf:
# Logging can be enabled for an individual request by a special
# dynamic expansion macro: %{debug: 1}, where the debug level
# for this request is set to '1' (or 2, 3, etc.). e.g.
#
# ...
# update control {
# Tmp-String-0 = "%{debug:1}"
# }
# ...
#
# The attribute that the value is assigned to is unimportant,
# and should be a "throw-away" attribute with no side effects.
you can choose which request to debug using unlang. For example
(untested), on authorize block:
if ("%{User-Name}" == "The-User-You-Want-to-Debug") {
update control {
Tmp-String-0 = "%{debug:3}"
}
}
... and finally, you can also use radmin. See
http://freeradius.org/radiusd/man/radmin.html, look for "debug"
--
Fajar
More information about the Freeradius-Users
mailing list