Re: Version 2.0 is a lot closer to reality...
This is a discussion on Re: Version 2.0 is a lot closer to reality... within the FreeRADIUS Users forums, part of the Networking and Network Related category; Alan, thinking about upcoming upgrade from 1.1.5 to 2.0 i tried 2.0 with my configuration from ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-04-2007
|
|||
|
|||
Re: Version 2.0 is a lot closer to reality...
Alan, thinking about upcoming upgrade from 1.1.5 to 2.0 i tried 2.0 with
my configuration from 1.1.5. There seem to be some difference which i hope you can explain. proxy.conf configuration is realm NULL { type = radius authhost = LOCAL accthost = LOCAL } and we have a user who has simple radcheck entry in sql: mobile Auth-Type:=accept in 1.1.5 radiusd performs authorize and authorize group checks in sql: rlm_sql (sqlauth): sql_set_user escaped user --> 'mobile' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'mobile' ORDER BY id' rlm_sql (sqlauth): Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupc heck.Attribute,radgroupcheck.Value,radgroupcheck.o p FROM radgroupcheck,usergroup WHERE (usergroup.Username = 'mobile' or usergroup.CLID = '250097000040996') AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY usergroup.PRIORITY,radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'mobile' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupr eply.Attribute,radgroupreply.Value,radgroupreply.o p FROM radgroupreply,usergroup WHERE (usergroup.Username = 'mobile' OR usergroup.CLID = '250097000040996') AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sqlauth): Released sql socket id: 4 modcall[authorize]: module "sqlauth" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type Accept rad_check_password: Auth-Type = Accept, accepting the user Login OK: [mobile] (from client localhost port 0 cli 250097000040996) but in 2.0 we lack the group checks: rlm_sql (sqlauth): sql_set_user escaped user --> 'mobile' rlm_sql (sqlauth): Reserving sql socket id: 4 radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'mobile' ORDER BY id' rlm_sql (sqlauth): User found in radcheck table radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'mobile' ORDER BY id' rlm_sql (sqlauth): Released sql socket id: 4 modcall[authorize]: module "sqlauth" returns ok for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type Accept rad_check_password: Auth-Type = Accept, accepting the user Login OK: [mobile] (from client localhost port 0 cli 25009700040996) what could be the possible reason(s) of that? Alan DeKok wrote: > I've just committed massive changes to the server core. The "diff" is > about 3k lines, and doesn't include deleted or added files. > > The good news is that it looks to be nearly 100% backwards compatible > with the configurations currently allowed by the CVS head. That is, > I've written it to be backwards compatible, and validated it via tests, > but I won't claim it's perfect until people test it. .... -- Sincerely Yours, Alexander - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
|
Linear Mode
