APC NetBotz User attribute issue.

Rishabh.Shukla rishabh.shukla at i-link.co.in
Mon Mar 3 11:45:38 CET 2014


Hello All, 


    * Our Setup -> Centos, Free Radius, MySQL and Daloradius as Front End management GUI Tool. 
    * Devices use for Authentication -> APC NetBotz 200 Rack monitoring device as NAS. 
    * Attribute Details of user -> 1- APC-Service-Type = Admin and 2- Auth-Type =System 
    * Goal -> NetBotz Device users should get authenticated & login with Administrative rights. 
    * Problem -> We need to get APC Netbotz authentication from Radius server configured and APC has 3 level of users : 1-Administrator, 2-Device, 3-Read only. Along with radius authentication radius need to supply user attributes to Netbotz for user level & its access credentials. We have configured Administrative attribute with users in radius but it does not supply with authentication, there for user get only very lower level access "read only". Our goal is to get Administrative access with radius authentication. 
    * Radisud debug mode output as follows : 

# Executing section authorize from file /etc/raddb/sites-enabled/default 
+- entering group authorize {...} 
++[preprocess] returns ok 
++[chap] returns noop 
++[mschap] returns noop 
++[digest] returns noop 
[suffix] No '@' in User-Name = "rishabh", looking up realm NULL 
[suffix] No such realm "NULL" 
++[suffix] returns noop 
[eap] No EAP-Message, not doing EAP 
++[eap] returns noop 
++[files] returns noop 
[sql] expand: %{User-Name} -> rishabh 
[sql] sql_set_user escaped user --> 'rishabh' 
rlm_sql (sql): Reserving sql socket id: 4 
[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'rishabh' ORDER BY id 
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'rishabh' ORDER BY priority 
rlm_sql (sql): Released sql socket id: 4 
[sql] User rishabh not found 
++[sql] returns notfound 
++[expiration] returns noop 
++[logintime] returns noop 
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. 
++[pap] returns noop 
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user 
Failed to authenticate the user. 
Using Post-Auth-Type Reject 
# Executing group from file /etc/raddb/sites-enabled/default 
+- entering group REJECT {...} 
[attr_filter.access_reject] expand: %{User-Name} -> rishabh 
attr_filter: Matched entry DEFAULT at line 11 
++[attr_filter.access_reject] returns updated 
Delaying reject of request 0 for 1 seconds 
Going to the next request 
Waking up in 0.9 seconds. 
Sending delayed reject for request 0 
Sending Access-Reject of id 38 to 192.168.12.240 port 64015 
Waking up in 4.9 seconds. 
Cleaning up request 0 ID 38 with timestamp +9 
Ready to process requests. 

Please help us to resolve above issue. 

Thanks, 

Rishabh 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140303/1225cc63/attachment.html>


More information about the Freeradius-Users mailing list