+ Responder ao Tópico



  1. utilizei o comando dessa meneira mas mesmo assim continua acusando invalid password:
    mysql> VALUES ('jason', 'Password', '=', 'teste');

  2. veja no sql.conf qual a query q ele executa pra autenticar.. e roda ela no banco e veja qq retorna



  3. Esse é o meu sql.conf:
    # doc/examples/mysql.sql
    sql {
    # Database type
    driver = "rlm_sql_mysql"

    # Connect info
    server = "localhost"
    login = "root"
    password = "asdf79"

    # Database table configuration
    radius_db = "radius"


    acct_table1 = "radacct"
    acct_table2 = "radacct"

    # Allow for storing data after authentication
    postauth_table = "radpostauth"

    authcheck_table = "radcheck"
    authreply_table = "radreply"

    groupcheck_table = "radgroupcheck"
    groupreply_table = "radgroupreply"

    usergroup_table = "usergroup"

    # Table to keep radius client info
    nas_table = "nas"
    deletestalesessions = yes

    # Print all SQL statements when in debug mode (-x)
    sqltrace = no
    sqltracefile = ${logdir}/sqltrace.sql

    # number of sql connections to make to server
    num_sql_socks = 5

    # number of seconds to dely retrying on a failed database
    connect_failure_retry_delay = 60
    #safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"

    sql_user_name = "%{User-Name}"
    #query_on_not_found = no
    # authorize_check_query = "SELECT id, UserName, Attribute, Value, op \
    # FROM ${authcheck_table} \
    # WHERE Username = BINARY '%{SQL-User-Name}' \
    # ORDER BY id"
    # authorize_reply_query = "SELECT id, UserName, Attribute, Value, op \
    # FROM ${authreply_table} \
    # WHERE Username = BINARY '%{SQL-User-Name}' \
    # ORDER BY id"

    authorize_check_query = "SELECT id, UserName, Attribute, Value, op \
    FROM ${authcheck_table} \
    WHERE Username = '%{SQL-User-Name}' \
    ORDER BY id"
    authorize_reply_query = "SELECT id, UserName, Attribute, Value, op \
    FROM ${authreply_table} \
    WHERE Username = '%{SQL-User-Name}' \
    ORDER BY id"

    # authorize_group_check_query = "SELECT ${groupcheck_table}.id,${groupcheck_table}.GroupName,${groupcheck_table}.Attribute,${groupcheck_table}.Value,${$
    # authorize_group_reply_query = "SELECT ${groupreply_table}.id,${groupreply_table}.GroupName,${groupreply_table}.Attribute,${groupreply_table}.Value,${$

    authorize_group_check_query = "SELECT ${groupcheck_table}.id,${groupcheck_table}.GroupName,${groupcheck_table}.Attribute,${groupcheck_table}.Value,${$
    authorize_group_reply_query = "SELECT ${groupreply_table}.id,${groupreply_table}.GroupName,${groupreply_table}.Attribute,${groupreply_table}.Value,${$

    # Accounting Queries
    # accounting_onoff_query - query for Accounting On/Off packets
    # accounting_update_query - query for Accounting update packets
    # accounting_update_query_alt - query for Accounting update packets
    # accounting_start_query - query for Accounting start packets
    # accounting_start_query_alt - query for Accounting start packets
    # accounting_stop_query - query for Accounting stop packets
    # accounting_stop_query_alt - query for Accounting start packet
    accounting_onoff_query = "UPDATE ${acct_table1} SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerm$

    accounting_update_query = " \
    UPDATE ${acct_table1} \
    SET \
    FramedIPAddress = '%{Framed-IP-Address}', \
    AcctSessionTime = '%{Acct-Session-Time}', \
    AcctInputOctets = '%{Acct-Input-Gigawords:-0}' << 32 | \
    '%{Acct-Input-Octets:-0}', \
    AcctOutputOctets = '%{Acct-Output-Gigawords:-0}' << 32 | \
    '%{Acct-Output-Octets:-0}' \
    WHERE AcctSessionId = '%{Acct-Session-Id}' \
    AND UserName = '%{SQL-User-Name}' \
    AND NASIPAddress = '%{NAS-IP-Address}'"
    accounting_update_query_alt = " \
    INSERT INTO ${acct_table1} \
    (AcctSessionId, AcctUniqueId, UserName, \
    Realm, NASIPAddress, NASPortId, \
    NASPortType, AcctStartTime, AcctSessionTime, \
    AcctAuthentic, ConnectInfo_start, AcctInputOctets, \
    AcctOutputOctets, CalledStationId, CallingStationId, \
    ServiceType, FramedProtocol, FramedIPAddress, \
    AcctStartDelay, XAscendSessionSvrKey) \
    VALUES \
    ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', \
    '%{SQL-User-Name}', \
    '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', \
    '%{NAS-Port-Type}', \
    DATE_SUB('%S', \
    INTERVAL (%{Acct-Session-Time:-0} + \
    %{Acct-Delay-Time:-0}) SECOND), \
    '%{Acct-Session-Time}', \
    '%{Acct-Authentic}', '', \
    '%{Acct-Input-Gigawords:-0}' << 32 | \
    '%{Acct-Input-Octets:-0}', \

    '%{Called-Station-Id}', '%{Calling-Station-Id}', \
    '%{Service-Type}', '%{Framed-Protocol}', \
    '%{Framed-IP-Address}', \
    '0', '%{X-Ascend-Session-Svr-Key}')"
    accounting_start_query = " \
    INSERT INTO ${acct_table1} \
    (AcctSessionId, AcctUniqueId, UserName, \
    Realm, NASIPAddress, NASPortId, \
    NASPortType, AcctStartTime, AcctStopTime, \
    AcctSessionTime, AcctAuthentic, ConnectInfo_start, \
    ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, \
    CalledStationId, CallingStationId, AcctTerminateCause, \
    ServiceType, FramedProtocol, FramedIPAddress, \
    AcctStartDelay, AcctStopDelay, XAscendSessionSvrKey) \
    VALUES \
    ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', \
    '%{SQL-User-Name}', \
    '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', \
    '%{NAS-Port-Type}', '%S', '0', \
    '0', '%{Acct-Authentic}', '%{Connect-Info}', \
    '', '0', '0', \
    '%{Called-Station-Id}', '%{Calling-Station-Id}', '', \
    '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', \
    '%{Acct-Delay-Time:-0}', '0', '%{X-Ascend-Session-Svr-Key}')"

    accounting_start_query_alt = "UPDATE ${acct_table1} SET AcctStartTime = '%S', AcctStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start = '%{Connect-$


    accounting_stop_query = " \
    UPDATE ${acct_table2} SET \
    AcctStopTime = '%S', \
    AcctSessionTime = '%{Acct-Session-Time}', \
    AcctInputOctets = '%{Acct-Input-Gigawords:-0}' << 32 | \
    '%{Acct-Input-Octets:-0}', \
    AcctOutputOctets = '%{Acct-Output-Gigawords:-0}' << 32 | \
    '%{Acct-Output-Octets:-0}', \
    AcctTerminateCause = '%{Acct-Terminate-Cause}', \
    AcctStopDelay = '%{Acct-Delay-Time:-0}', \
    ConnectInfo_stop = '%{Connect-Info}' \
    WHERE AcctSessionId = '%{Acct-Session-Id}' \
    AND UserName = '%{SQL-User-Name}' \
    AND NASIPAddress = '%{NAS-IP-Address}'"


    accounting_stop_query_alt = " \
    INSERT INTO ${acct_table2} \
    (AcctSessionId, AcctUniqueId, UserName, \
    Realm, NASIPAddress, NASPortId, \
    NASPortType, AcctStartTime, AcctStopTime, \
    AcctSessionTime, AcctAuthentic, ConnectInfo_start, \
    ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, \
    CalledStationId, CallingStationId, AcctTerminateCause, \
    ServiceType, FramedProtocol, FramedIPAddress, \
    AcctStartDelay, AcctStopDelay) \
    VALUES \
    ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', \
    '%{SQL-User-Name}', \
    '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', \
    '%{NAS-Port-Type}', \
    DATE_SUB('%S', \
    INTERVAL (%{Acct-Session-Time:-0} + \
    %{Acct-Delay-Time:-0}) SECOND), \
    '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', \
    '%{Connect-Info}', \
    '%{Acct-Input-Gigawords:-0}' << 32 | \
    '%{Acct-Input-Octets:-0}', \
    '%{Acct-Output-Gigawords:-0}' << 32 | \
    '%{Acct-Output-Octets:-0}', \
    '%{Called-Station-Id}', '%{Calling-Station-Id}', \
    '%{Acct-Terminate-Cause}', \
    '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', \
    '0', '%{Acct-Delay-Time:-0}')"

    # Uncomment simul_count_query to enable simultaneous use checking
    simul_count_query = "SELECT COUNT(*) \
    #FROM ${acct_table1} \
    #WHERE UserName='%{SQL-User-Name}' \
    #AND AcctStopTime = 0"

    simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, \
    NASIPAddress, NASPortId, FramedIPAddress, \
    CallingStationId, FramedProtocol \
    FROM ${acct_table1} \
    WHERE UserName='%{SQL-User-Name}' \
    AND AcctStopTime = 0"

    group_membership_query = "SELECT GroupName FROM ${usergroup_table} WHERE UserName='%{SQL-User-Name}'"
    postauth_query = "INSERT into ${postauth_table} (user, pass, reply, date) values ('%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-$

    # Set to 'yes' to read radius clients from the database ('nas' table)
    #readclients = yes
    }

    Qual seria o camando para verificar se essa query ta funcionando certinho AQUI.

  4. Esse é o meu arquivo de log do radius:
    Fri Aug 31 22:07:34 2007 : Info: rlm_sql (sql): No matching entry in the database for request from user [suporte]
    Fri Aug 31 22:07:34 2007 : Auth: Login incorrect: [suporte/\241E7\340d\r\255\216R|\347\306]\367]x] (from client local port 0)
    Fri Aug 31 22:08:09 2007 : Info: rlm_sql (sql): No matching entry in the database for request from user [jason]
    Fri Aug 31 22:08:09 2007 : Auth: rlm_unix: [jason]: invalid password
    Fri Aug 31 22:08:09 2007 : Auth: Login incorrect: [jason/\352\271d\246Y\243\325\235?>&\337\225rp"] (from client local port 0)
    Fri Aug 31 22:08:54 2007 : Info: rlm_sql (sql): No matching entry in the database for request from user [jason]
    Fri Aug 31 22:08:54 2007 : Auth: rlm_unix: [jason]: invalid password
    Fri Aug 31 22:08:54 2007 : Auth: Login incorrect: [jason/Q\022{s]g-\021\010r7\370\017\202] (from client local port 0)
    Fri Aug 31 22:09:28 2007 : Info: rlm_sql (sql): No matching entry in the database for request from user [teste]
    Fri Aug 31 22:09:28 2007 : Auth: Login incorrect: [teste/ZF+\014_\322F\267P\020\031gL\232O\233] (from client local port 0)


    Usando o ntraping

    com um usuaro do sistem autentica:


    Fri Aug 31 22:11:11 2007 : Auth: Login OK: [root/ks93am25] (from client 192.168.9.7 port 0)

    com um usuario do banco de dados do mysql não autentica

    Fri Aug 31 22:12:21 2007 : Info: rlm_sql (sql): No matching entry in the database for request from user [suporte]
    Fri Aug 31 22:12:21 2007 : Auth: Login incorrect: [suporte/123456] (from client 192.168.9.7 port 0)



  5. cola teu radius.conf acho que ja sei onde eh o erro..

    tem uma diretiva que vc escolhe onde ele vai autenticar.. deve ter shadow ou passwd ou unix.. e dps sql..






Tópicos Similares

  1. problema com freeradius no mandriva 2008
    Por guezth no fórum Servidores de Rede
    Respostas: 5
    Último Post: 02-04-2008, 13:19
  2. Problemas com o freeradius 1.05
    Por thilupas no fórum Servidores de Rede
    Respostas: 0
    Último Post: 03-05-2007, 09:40
  3. Problemas com Freeradius 1.05
    Por japaeye4u no fórum Servidores de Rede
    Respostas: 0
    Último Post: 15-09-2005, 17:42
  4. Problema com freeradius
    Por sarna no fórum Servidores de Rede
    Respostas: 1
    Último Post: 29-04-2005, 14:52
  5. Problemas com FreeRadius e MySql
    Por TheHawk no fórum Servidores de Rede
    Respostas: 0
    Último Post: 08-03-2005, 09:00

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L