CHAP faliled authenticate from users file

Marcin marcin at nicram.net
Mon Feb 26 12:07:17 CET 2018


I've reduced my file, which is included to two users:

user1 Cleartext-Password := "YwXYiufu640QkatX"
Framed-IP-Address = 192.168.237.24,
Framed-IP-Netmask = 255.255.255.255,
MS-Primary-DNS-Server = 192.168.232.7,
MS-Secondary-DNS-Server = 8.8.8.8,
Port-Limit = 1,
Acct-Interim-Interval = 300,
Filter-ID = "9708k/3704k",
Mikrotik-Rate-Limit = "3704k/9708k"
serwis Cleartext-Password := "serwis"
Framed-IP-Address = 192.168.237.25,
Framed-IP-Netmask = 255.255.255.255,
MS-Primary-DNS-Server = 192.168.232.7,
MS-Secondary-DNS-Server = 8.8.8.8,
Port-Limit = 1,
Acct-Interim-Interval = 300,
Filter-ID = "162668k/143172k",
Mikrotik-Rate-Limit = "143172k/162668k"

With this authenticate works, user serwis is found and response is accept.
Finally, this file containst over 20k lines
wc -l ../3.0/mods-config/files/users
20905 ../3.0/mods-config/files/users

my users file I generate from php script. The strange thing is that, when I
set *filename = ${moddir}/users* everything works, but with $INCLUDE in
authorize file it doesn't work

2018-02-26 11:43 GMT+01:00 Marcin <marcin at nicram.net>:

>
>
> 2018-02-15 13:56 GMT+01:00 Alan DeKok <aland at deployingradius.com>:
>
>> On Feb 14, 2018, at 11:40 AM, Marcin <marcin at nicram.net> wrote:
>> >
>> > I've moved my test user 'serwis' directly to "users" file instead line
>> > "$INCLUDE ..." and works :)
>> > But I'd like to keep users in seperate file because I'm going to
>> generate
>> > this daily from database.
>>
>>   Weird.  I haven't seen that before.
>>
>>   Are you sure that it's loading the correct file?
>
>
> Yes, I'm sure that I'm loading correct file. I tried put full path also
> but whihout result
>
>
>> i.e. in the file you're creating and using with $INCLUDE, put this at the
>> top:
>>
>> DEFAULT Auth-Type := Reject
>>
>
> Its, weird, because if I added this line, in debug mode log says that, in
> users file was found in line where it is, so file is included.
> When I remove this line, problem returns that user isn't matched.
> But if I set my file instead authore in mods-enabled/files
>
> cat mods-enabled/files
> # -*- text -*-
> #
> #  $Id: e3f3bf568d92eba8eb17bbad590f846f2d9e1ac8 $
>
> # Livingston-style 'users' file
> #
> # See "man users" for more information.
> #
> files {
> # Search for files in a subdirectory of mods-config which
> # matches this instance of the files module.
> moddir = ${modconfdir}/${.:instance}
>
> # The default key attribute to use for matches.  The content
> # of this attribute is used to match the "name" of the
> # entry.
> #key = "%{%{Stripped-User-Name}:-%{User-Name}}"
>
> #  The old "users" style file is now located here.
> # filename = ${moddir}/authorize
> filename = ${moddir}/users
>
> #  This is accepted for backwards compatibility
> #  It will be removed in a future release.
> # usersfile = ${moddir}/authorize
>
> #  These are accepted for backwards compatibility.
> #  They will be renamed in a future release.
> acctusersfile = ${moddir}/accounting
> preproxy_usersfile = ${moddir}/pre-proxy
> }
>
> it starting works. no changes in my users file.
>
>
>
>>
>>   If the users can still log in, then the server isn't reading the file
>> you're writing.  Make sure that there is only one file, and use the full
>> path name of the file.
>>
>>   Alan DeKok.
>>
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list
>> /users.html
>>
>
>
>
> --
> Pozdrawiam
> Marcin / nicraM
>



-- 
Pozdrawiam
Marcin / nicraM


More information about the Freeradius-Users mailing list