Auth: (24) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject):
Gilbert Rebeiro
gilbertrebeiro at gmail.com
Sun Aug 25 00:28:29 CEST 2019
I'm starting to understand - thank you.
I am trying to figure out how to setup a profile and which device attributes I should have - where would I find this information in freeradius 2 so I can duplicate it in my 3 setup?
Sorry if there are docs that I should read please direct me to them?
-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+gilbertrebeiro=gmail.com at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Saturday, August 24, 2019 3:11 PM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: Auth: (24) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject):
> On Aug 24, 2019, at 12:37 PM, gilbertrebeiro at gmail.com wrote:
>
> Ready to process requests
> (0) Received Access-Request Id 49 from 127.0.0.1:52226 to 127.0.0.1:1812 length 102
Something has mangled the output. Not terribly, but it's not good.
> (0) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE us ername = '%{SQL-User-Name}' ORDER BY id
> (0) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE us ername = 'test at dsl.dido.ca' ORDER BY id
> (0) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test at dsl.dido.ca' ORDER BY id
> (0) sql: EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User- Name}' ORDER BY priority
> (0) sql: --> SELECT groupname FROM radusergroup WHERE username = 'test at dsl.di do.ca' ORDER BY priority
> (0) sql: Executing select query: SELECT groupname FROM radusergroup WHERE userna me = 'test at dsl.dido.ca' ORDER BY priority
> (0) sql: User not found in any groups
> rlm_sql (sql): Released connection (6) Need 2 more connections to
> reach min connections (3) rlm_sql (sql): Opening additional connection
> (7), 1 of 31 pending slots used
> (0) [sql] = notfound
The user wasn't found in the SQL database. Presumably that's where the password is stored. Which explains the following message:
> (0) pap: WARNING: No "known good" password found for the user. Not setting Auth -Type
> (0) pap: WARNING: Authentication will fail unless a "known good" password is ava ilable
That's pretty clear. The server has no idea how to authenticate the user.
Fix the SQL database so that it returns the users information.
The debug output shows you the SQL queries for a reason: So that you can run them manually from a SQL client program. i.e. so you can test them without running the entire RADIUS server.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list