acct-session-start attribute ?

Jeremy Ravel Jeremy.Ravel at etu.univ-savoie.fr
Thu May 28 16:51:19 CEST 2015 

Hi guys, I am beginner in FR. 
I want to be able to delay the activation of the login. For example i can create an user monday, but i just want allow him to connect only from friday to logon on my network. 
I tried to use the attribute acct-session-start on the user, but when i use it one user, the user can never log. 
I get this from the log: 

Thu May 28 16:18:16 2015 : Info: Ready to process requests. 
rad_recv: Access-Request packet from host 127.0.0.1 port 39465, id=155, length=277 
ChilliSpot-Version = "1.3.0" 
User-Name = "day2" 
User-Password = "day2" 
Service-Type = Login-User 
Acct-Session-Id = "5567077800000003" 
Framed-IP-Address = 10.10.4.200 
NAS-Port-Type = Wireless-802.11 
NAS-Port = 3 
NAS-Port-Id = "00000003" 
Calling-Station-Id = "00-1B-77-16-34-1A" 
Called-Station-Id = "00-50-56-B2-BF-8D" 
NAS-IP-Address = 10.10.4.254 
NAS-Identifier = "vlan4" 
WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova,Vlan4_ssid" 
WISPr-Location-Name = "Vlan_4" 
WISPr-Logoff-URL = " http://10.10.4.254:3990/logoff " 
Message-Authenticator = 0xee48deacd07a8f3d13df74480fa48198 
Thu May 28 16:19:09 2015 : Info: # Executing section authorize from file /etc/freeradius/sites-enabled/default 
Thu May 28 16:19:09 2015 : Info: +- entering group authorize {...} 
Thu May 28 16:19:09 2015 : Info: ++? if (!NAS-IP-Address) 
Thu May 28 16:19:09 2015 : Info: ? Evaluating !(NAS-IP-Address) -> FALSE 
Thu May 28 16:19:09 2015 : Info: ++? if (!NAS-IP-Address) -> FALSE 
Thu May 28 16:19:09 2015 : Info: ++[preprocess] returns ok 
Thu May 28 16:19:09 2015 : Info: ++[chap] returns noop 
Thu May 28 16:19:09 2015 : Info: ++[mschap] returns noop 
Thu May 28 16:19:09 2015 : Info: ++[digest] returns noop 
Thu May 28 16:19:09 2015 : Info: [suffix] No '@' in User-Name = "day2", looking up realm NULL 
Thu May 28 16:19:09 2015 : Info: [suffix] No such realm "NULL" 
Thu May 28 16:19:09 2015 : Info: ++[suffix] returns noop 
Thu May 28 16:19:09 2015 : Info: [eap] No EAP-Message, not doing EAP 
Thu May 28 16:19:09 2015 : Info: ++[eap] returns noop 
Thu May 28 16:19:09 2015 : Info: [sql] expand: %{User-Name} -> day2 
Thu May 28 16:19:09 2015 : Info: [sql] sql_set_user escaped user --> 'day2' 
Thu May 28 16:19:09 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 3 
Thu May 28 16:19:09 2015 : Info: [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'day2' ORDER BY id 
Thu May 28 16:19:09 2015 : Info: [sql] expand: SELECT groupname FROM usergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM usergroup WHERE username = 'day2' ORDER BY priority 
Thu May 28 16:19:09 2015 : Info: [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'vlan_4' ORDER BY id 
Thu May 28 16:19:09 2015 : Debug: rlm_sql (sql): Released sql socket id: 3 
Thu May 28 16:19:09 2015 : Info: [sql] User day2 not found 
Thu May 28 16:19:09 2015 : Info: ++[sql] returns notfound 
Thu May 28 16:19:09 2015 : Debug: rlm_sqlcounter: Entering module authorize code 
Thu May 28 16:19:09 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair 
Thu May 28 16:19:09 2015 : Info: ++[chillispot_max_bytes] returns noop 
Thu May 28 16:19:09 2015 : Debug: rlm_sqlcounter: Entering module authorize code 
Thu May 28 16:19:09 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair 
Thu May 28 16:19:09 2015 : Info: ++[noresetcounter] returns noop 
Thu May 28 16:19:09 2015 : Debug: rlm_sqlcounter: Entering module authorize code 
Thu May 28 16:19:09 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair 
Thu May 28 16:19:09 2015 : Info: ++[dailycounter] returns noop 
Thu May 28 16:19:09 2015 : Info: ++[expiration] returns noop 
Thu May 28 16:19:09 2015 : Info: ++[logintime] returns noop 
Thu May 28 16:19:09 2015 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. 
Thu May 28 16:19:09 2015 : Info: ++[pap] returns noop 
Thu May 28 16:19:09 2015 : Info: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user 
Thu May 28 16:19:09 2015 : Info: Failed to authenticate the user. 
Thu May 28 16:19:09 2015 : Info: Using Post-Auth-Type Reject 
Thu May 28 16:19:09 2015 : Info: # Executing group from file /etc/freeradius/sites-enabled/default 
Thu May 28 16:19:09 2015 : Info: +- entering group REJECT {...} 
Thu May 28 16:19:09 2015 : Info: [sql] expand: %{User-Name} -> day2 
Thu May 28 16:19:09 2015 : Info: [sql] sql_set_user escaped user --> 'day2' 
Thu May 28 16:19:09 2015 : Info: [sql] expand: %{User-Password} -> day2 
Thu May 28 16:19:09 2015 : Info: [sql] expand: INSERT INTO radpostauth (user, pass, reply, date) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply acket-Type}', '%S') -> INSERT INTO radpostauth (user, pass, reply, date) VALUES ( 'day2', 'day2', 'Access-Reject', ' 2015-05-28 16 :19:09') 
Thu May 28 16:19:09 2015 : Debug: rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (user, pass, reply, date) VALUES ( 'day2', 'day2', 'Access-Reject', ' 2015-05-28 16 :19:09') 
Thu May 28 16:19:09 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 2 
Thu May 28 16:19:09 2015 : Debug: rlm_sql (sql): Released sql socket id: 2 
Thu May 28 16:19:09 2015 : Info: ++[sql] returns ok 
Thu May 28 16:19:09 2015 : Info: [attr_filter.access_reject] expand: %{User-Name} -> day2 
Thu May 28 16:19:09 2015 : Debug: attr_filter: Matched entry DEFAULT at line 11 

But if i dont give him, the attribute he can logon. 

If somone has any clue ? 
Thanks

More information about the Freeradius-Users mailing list