Freeradius 3 / MSSQL Problem

Richard J Palmer richard at merula.net
Mon Mar 14 10:58:21 CET 2016 

Hi

Moving on from my previous email I am building 2 new FR servers to 
replace a couple of Older FR 2 servers.

These connect to a MSSQL server using FreeTDS/UnixODBC

I am compiling from source on a Slakeware linux server

I've downloaded / compiled the latest FreeTDS / UnixODBC and have 
tested the connection to the MSSQL Server both work fine.

I *think* I have configured radius correctly

----

 # Loaded module rlm_sql
  # Loading module "sql" from file 
/usr/local/etc/raddb/mods-enabled/sql
  sql {
        driver = "rlm_sql_unixodbc"
        server = "MerulaRadiusDSN"
        port = 0
        login = "meruladbusr"
        password = <<< secret >>>
        radius_db = "radius"
        read_groups = yes
        read_profiles = yes
        read_clients = no
        delete_stale_sessions = yes
        sql_user_name = "%{User-Name}"
        default_user_profile = ""
        client_query = "SELECT id, nasname, shortname, type, secret, 
server FROM nas"
        authorize_check_query = "SELECT id, username, attribute, 
value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY 
id"
        authorize_reply_query = "SELECT id, username, attribute, 
value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY 
id"
        authorize_group_check_query = "SELECT id, groupname, 
attribute, Value, op FROM radgroupcheck WHERE groupname = 
'%{SQL-Group}' ORDER BY id"
        authorize_group_reply_query = "SELECT id, groupname, 
attribute, value, op FROM radgroupreply WHERE groupname = 
'%{SQL-Group}' ORDER BY id"
        group_membership_query = "SELECT groupname FROM radusergroup 
WHERE username = '%{SQL-User-Name}' ORDER BY priority"
        simul_verify_query = "SELECT radacctid, acctsessionid, 
username, nasipaddress, nasportid, framedipaddress, callingstationid, 
framedprotocol FROM radacct WHERE username = '%{SQL-Group}' AND 
acctstoptime IS NULL"
        safe_characters = 
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: 
/"
   accounting {
        reference = "%{tolower:type.%{Acct-Status-Type}.query}"
    type {
     accounting-on {
        query = "UPDATE radacct SET acctstoptime = 
%{%{integer:Event-Timestamp}:-date('now')}, acctsessiontime  = 
(%{%{integer:Event-Timestamp}:-strftime('%%s', 'now')} - 
strftime('%%s', acctstarttime)), acctterminatecause = 
'%{Acct-Terminate-Cause}' WHERE acctstoptime IS NULL AND nasipaddress  
 = '%{NAS-IP-Address}' AND acctstarttime <= 
%{integer:Event-Timestamp}"
     }
     accounting-off {
        query = "UPDATE radacct SET acctstoptime = 
%{%{integer:Event-Timestamp}:-date('now')}, acctsessiontime  = 
(%{%{integer:Event-Timestamp}:-strftime('%%s', 'now')} - 
strftime('%%s', acctstarttime)), acctterminatecause = 
'%{Acct-Terminate-Cause}' WHERE acctstoptime IS NULL AND nasipaddress  
 = '%{NAS-IP-Address}' AND acctstarttime <= 
%{integer:Event-Timestamp}"
     }
     start {
        query = "INSERT INTO radacct (acctsessionid, acctuniqueid, 
username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, 
acctupdatetime, acctstoptime, acctsessiontime, acctauthentic, 
connectinfo_start, connectinfo_stop, acctinputoctets, 
acctoutputoctets, calledstationid, callingstationid, 
acctterminatecause, servicetype, framedprotocol, framedipaddress) 
VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', 
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', 
'%{%{NAS-Port-ID}:-%{NAS-Port}}', '%{NAS-Port-Type}', 
%{%{integer:Event-Timestamp}:-date('now')}, 
%{%{integer:Event-Timestamp}:-date('now')}, NULL, '0', 
'%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', 
'%{Called-Station-Id}', '%{Calling-Station-Id}', '', 
'%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}')"
     }
     interim-update {
        query = "UPDATE radacct SET acctupdatetime  = 
%{%{integer:Event-Timestamp}:-date('now')}, acctinterval    = 0, 
framedipaddress = '%{Framed-IP-Address}', acctsessiontime = 
%{%{Acct-Session-Time}:-NULL}, acctinputoctets = 
%{%{Acct-Input-Gigawords}:-0} << 32 | %{%{Acct-Input-Octets}:-0}, 
acctoutputoctets = %{%{Acct-Output-Gigawords}:-0} << 32 | 
%{%{Acct-Output-Octets}:-0} WHERE AcctUniqueId = 
'%{Acct-Unique-Session-Id}'"
     }
     stop {
        query = "UPDATE radacct SET acctstoptime        = 
%{%{integer:Event-Timestamp}:-date('now')}, acctsessiontime   = 
%{%{Acct-Session-Time}:-NULL}, acctinputoctets      = 
%{%{Acct-Input-Gigawords}:-0} << 32 | %{%{Acct-Input-Octets}:-0}, 
acctoutputoctets = %{%{Acct-Output-Gigawords}:-0} << 32 | 
%{%{Acct-Output-Octets}:-0}, acctterminatecause = 
'%{Acct-Terminate-Cause}', connectinfo_stop = '%{Connect-Info}' WHERE 
AcctUniqueId = '%{Acct-Unique-Session-Id}'"
     }
    }
   }
   post-auth {
        reference = ".query"
        query = "INSERT INTO radpostauth (username, pass, reply, 
authdate) VALUES ( '%{SQL-User-Name}', 
'%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', 
'%S')"
   }
  }
rlm_sql (sql): Driver rlm_sql_unixodbc (module rlm_sql_unixodbc) 
loaded and linked
----

However at the end of the startup I am seeing:
----

rlm_sql (sql): Attempting to connect to database "radius"
rlm_sql (sql): Initialising connection pool
   pool {
        start = 5
        min = 3
        max = 32
        spare = 10
        uses = 0
        lifetime = 0
        cleanup_interval = 30
        idle_timeout = 60
        retry_delay = 30
        spread = no
   }
rlm_sql (sql): Opening additional connection (0), 1 of 32 pending 
slots used
rlm_sql_unixodbc: 01000 [unixODBC][Driver Manager]Can't open lib 
'/usr/local/lib/libtdsodbc.so' : *?ع\?: undefined symbol: get_vtable
rlm_sql_unixodbc: SQL down 08003 [unixODBC][Driver Manager]Connnection 
does not exist
rlm_sql_unixodbc: Can't allocate the stmt
rlm_sql_unixodbc: Socket destructor called, closing socket
rlm_sql (sql): Opening connection failed (0)
rlm_sql (sql): Removing connection pool
/usr/local/etc/raddb/mods-enabled/sql[20]: Instantiation failed for 
module "sql"
----

I have seen some mention of this in other posts where it talks about 
the packages being downloaded - but not where building from source - 
and I can't spot an obvious option I could have missed (that's not to 
say I haven't)

This is using FreeRadius  3.0.11 source download from the website.

I'd be really grateful for any suggestions here - thanks in advance

Richard Palmer | Director | Merula Limited
Company Registered in England and Wales No. 3243995
5 Avro Court, Huntingdon, Cambridgeshire, PE29 6XS
Phone 01480 222940 | Support 0845 330 0666
Support Email support at merula.net

More information about the Freeradius-Users mailing list