This might be the problem:
rlm_realm: No '@' in User-Name = "1213", looking up realm NULL rlm_realm: No such realm "NULL"
Jan.
On 07-10 10:29, Rodrigo P. Telles wrote:
Hi Jan,
Jan Janak wrote: | Try to se what is going on in the radius server, if you are using | freeradius then start it with -X cmdline option. |
I did that and I received this:
rad_recv: Access-Request packet from host xxx.yyy.zzz.www:37861, id=204, length=51 ~ User-Name = "1213" ~ Sip-Group = "Active" ~ Service-Type = Group-Check ~ NAS-IP-Address = xxx.yyy.zzz.www ~ NAS-Port = 0 ~ Processing the authorize section of radiusd.conf modcall: entering group authorize for request 28 ~ modcall[authorize]: module "preprocess" returns ok for request 28 ~ modcall[authorize]: module "chap" returns noop for request 28 ~ modcall[authorize]: module "mschap" returns noop for request 28 ~ modcall[authorize]: module "digest" returns noop for request 28 ~ rlm_realm: No '@' in User-Name = "1213", looking up realm NULL ~ rlm_realm: No such realm "NULL" ~ modcall[authorize]: module "suffix" returns noop for request 28 radius_xlat: '' ~ modcall[authorize]: module "sql" returns fail for request 28 modcall: group authorize returns fail for request 28 Finished request 28 Going to the next request Waking up in 2 seconds... --- Walking the entire request list --- Cleaning up request 27 ID 203 with timestamp 416541dc Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 28 ID 204 with timestamp 416541e0 Nothing to do. Sleeping until we see a request.
I think that the problem is on modcall[authorize]: module "sql" returns fail for request 28
but I don't know why module sql return "fail" for the request. I saw the mysql log file too and freeradius doesn't do any query about that request!
Do you have any idea? Thanks for your answer.
Telles
| Jan. | | On 05-10 23:08, Rodrigo P. Telles wrote: | |>Hi Folks, |> |>I've been testing SER 0.8.14 Auth and ACC (radiusclient-0.4.4) |>in radius (freeradius 1.0.1) and its working fine. |>Now I tried to use group_radius module to check if a user is in a especific |>group and it failed. |>First I received a error about missing "Sip-Group" attribute and I found a mail |>about this error and howto correct it |>(http://lists.iptel.org/pipermail/serdev/2004-July/002339.html). |>Now SER doesn't return any error, just |> |>radius_is_user_in(): Failure |> |>after a long time. |> |>I have a user "1213" in group "general" on radius database like this: |> |>mysql> select * from radgroupcheck; |>+----+-----------+-----------+----+--------+ |>| id | GroupName | Attribute | op | Value | |>+----+-----------+-----------+----+--------+ |>| 1 | general | Auth-Type | := | Digest | |>+----+-----------+-----------+----+--------+ |> |>mysql> select * from radcheck; |>+----+----------+---------------+----+-------+ |>| id | UserName | Attribute | op | Value | |>+----+----------+---------------+----+-------+ |>| 2 | 1213 | User-Password | == | testonly | |>+----+----------+---------------+----+-------+ |> |>mysql> select * from usergroup; |>+----+----------+-----------+ |>| id | UserName | GroupName | |>+----+----------+-----------+ |>| 1 | 1213 | general | |>+----+----------+-----------+ |> |>mysql> select * from radgroupreply; |>+----+-----------+---------------+----+------------+------+ |>| id | GroupName | Attribute | op | Value | prio | |>+----+-----------+---------------+----+------------+------+ |>| 3 | general | Reply-Message | = | Authorized | 0 | |>+----+-----------+---------------+----+------------+------+ |> |> |>I googled this but I couldn't find anything about that. |>Am I missing something? |>Thanks in advance. |> |>_______________________________________________ |>Serusers mailing list |>serusers@lists.iptel.org |>http://lists.iptel.org/mailman/listinfo/serusers |> | | |
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers