Failed to Authenticate user in FreeRadius 2.2.0

 
Thread Tools Search this Thread
Special Forums UNIX and Linux Applications Failed to Authenticate user in FreeRadius 2.2.0
# 1  
Old 11-16-2015
Failed to Authenticate user in FreeRadius 2.2.0

Hi All,

I've installed FreeRadius 2.2.0 in Oracle Solaris 10 1/13, and I'm getting Access-Reject when tried using 'radtest' tool. When debugging is enabled I'm getting the following message

Debug: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

I've used "./radiusd -Xx" for debugging

Code:
bash-3.2# pwd 
/opt/csw/sbin
bash-3.2# ./radiusd -Xx
Mon Nov 16 23:07:33 2015 : Info: FreeRADIUS Version 2.2.0, for host sparc-sun-solaris2.10, built on Jan  1 2013 at 21:58:35
Mon Nov 16 23:07:33 2015 : Info: Copyright (C) 1999-2012 The FreeRADIUS server project and contributors. 
Mon Nov 16 23:07:33 2015 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A 
Mon Nov 16 23:07:33 2015 : Info: PARTICULAR PURPOSE. 
Mon Nov 16 23:07:33 2015 : Info: You may redistribute copies of FreeRADIUS under the terms of the 
Mon Nov 16 23:07:33 2015 : Info: GNU General Public License v2. 
Mon Nov 16 23:07:33 2015 : Info: Starting - reading configuration files ...
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/radiusd.conf
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/proxy.conf
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/clients.conf
Mon Nov 16 23:07:33 2015 : Debug: including files in directory /etc/opt/csw/freeradius/modules/
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/acct_unique.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/always.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/attr_filter.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/attr_rewrite.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/cache.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/chap.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/checkval.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/counter.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/cui.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/detail.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/detail.example.com.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/detail.log.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/digest.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/dynamic_clients.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/echo.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/etc_group.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/exec.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/expiration.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/expr.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/files.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/inner-eap.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/ippool.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/linelog.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/logintime.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/mac2ip.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/mac2vlan.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/mschap.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/ntlm_auth.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/opendirectory.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/otp.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/pam.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/pap.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/passwd.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/policy.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/preprocess.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/radrelay.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/radutmp.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/realm.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/redis.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/rediswho.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/replicate.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/smbpasswd.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/smsotp.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/soh.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/sql_log.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/sqlcounter_expire_on_login.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/sradutmp.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/unix.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/wimax.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/eap.conf
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/policy.conf
Mon Nov 16 23:07:33 2015 : Debug: including files in directory /etc/opt/csw/freeradius/sites-enabled/
Mon Nov 16 23:07:33 2015 : Debug: main {
Mon Nov 16 23:07:33 2015 : Debug:       allow_core_dumps = no
Mon Nov 16 23:07:33 2015 : Debug: }
Mon Nov 16 23:07:33 2015 : Debug: including dictionary file /etc/opt/csw/freeradius/dictionary
Mon Nov 16 23:07:33 2015 : Debug: main {
Mon Nov 16 23:07:33 2015 : Debug:       name = "radiusd"
Mon Nov 16 23:07:33 2015 : Debug:       prefix = "/opt/csw"
Mon Nov 16 23:07:33 2015 : Debug:       localstatedir = "/var/opt/csw"
Mon Nov 16 23:07:33 2015 : Debug:       sbindir = "/opt/csw/sbin"
Mon Nov 16 23:07:33 2015 : Debug:       logdir = "/var/opt/csw/log/radius"
Mon Nov 16 23:07:33 2015 : Debug:       run_dir = "/var/opt/csw/run/radiusd"
Mon Nov 16 23:07:33 2015 : Debug:       libdir = "/opt/csw/lib/freeradius"
Mon Nov 16 23:07:33 2015 : Debug:       radacctdir = "/var/opt/csw/log/radius/radacct"
Mon Nov 16 23:07:33 2015 : Debug:       hostname_lookups = no
Mon Nov 16 23:07:33 2015 : Debug:       max_request_time = 30
Mon Nov 16 23:07:33 2015 : Debug:       cleanup_delay = 5
Mon Nov 16 23:07:33 2015 : Debug:       max_requests = 1024
Mon Nov 16 23:07:33 2015 : Debug:       pidfile = "/var/opt/csw/run/radiusd/radiusd.pid"
Mon Nov 16 23:07:33 2015 : Debug:       checkrad = "/opt/csw/sbin/checkrad"
Mon Nov 16 23:07:33 2015 : Debug:       debug_level = 0
Mon Nov 16 23:07:33 2015 : Debug:       proxy_requests = yes
Mon Nov 16 23:07:33 2015 : Debug:  log {
Mon Nov 16 23:07:33 2015 : Debug:       stripped_names = no
Mon Nov 16 23:07:33 2015 : Debug:       auth = no
Mon Nov 16 23:07:33 2015 : Debug:       auth_badpass = no
Mon Nov 16 23:07:33 2015 : Debug:       auth_goodpass = no
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  security {
Mon Nov 16 23:07:33 2015 : Debug:       max_attributes = 200
Mon Nov 16 23:07:33 2015 : Debug:       reject_delay = 1
Mon Nov 16 23:07:33 2015 : Debug:       status_server = no
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug: }
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Loading Realms and Home Servers ####
Mon Nov 16 23:07:33 2015 : Debug:  proxy server {
Mon Nov 16 23:07:33 2015 : Debug:       retry_delay = 5
Mon Nov 16 23:07:33 2015 : Debug:       retry_count = 3
Mon Nov 16 23:07:33 2015 : Debug:       default_fallback = no
Mon Nov 16 23:07:33 2015 : Debug:       dead_time = 120
Mon Nov 16 23:07:33 2015 : Debug:       wake_all_if_all_dead = no
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  home_server localhost {
Mon Nov 16 23:07:33 2015 : Debug:       ipaddr = 127.0.0.1
Mon Nov 16 23:07:33 2015 : Debug:       port = 1812
Mon Nov 16 23:07:33 2015 : Debug:       type = "auth"
Mon Nov 16 23:07:33 2015 : Debug:       secret = "testing123"
Mon Nov 16 23:07:33 2015 : Debug:       response_window = 20
Mon Nov 16 23:07:33 2015 : Debug:       max_outstanding = 65536
Mon Nov 16 23:07:33 2015 : Debug:       require_message_authenticator = yes
Mon Nov 16 23:07:33 2015 : Debug:       zombie_period = 40
Mon Nov 16 23:07:33 2015 : Debug:       status_check = "status-server"
Mon Nov 16 23:07:33 2015 : Debug:       ping_interval = 30
Mon Nov 16 23:07:33 2015 : Debug:       check_interval = 30
Mon Nov 16 23:07:33 2015 : Debug:       num_answers_to_alive = 3
Mon Nov 16 23:07:33 2015 : Debug:       num_pings_to_alive = 3
Mon Nov 16 23:07:33 2015 : Debug:       revive_interval = 120
Mon Nov 16 23:07:33 2015 : Debug:       status_check_timeout = 4
Mon Nov 16 23:07:33 2015 : Debug:   coa {
Mon Nov 16 23:07:33 2015 : Debug:       irt = 2
Mon Nov 16 23:07:33 2015 : Debug:       mrt = 16
Mon Nov 16 23:07:33 2015 : Debug:       mrc = 5
Mon Nov 16 23:07:33 2015 : Debug:       mrd = 30
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  home_server_pool my_auth_failover {
Mon Nov 16 23:07:33 2015 : Debug:       type = fail-over
Mon Nov 16 23:07:33 2015 : Debug:       home_server = localhost
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  realm example.com {
Mon Nov 16 23:07:33 2015 : Debug:       auth_pool = my_auth_failover
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  realm LOCAL {
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Loading Clients ####
Mon Nov 16 23:07:33 2015 : Debug:  client localhost {
Mon Nov 16 23:07:33 2015 : Debug:       ipaddr = 127.0.0.1
Mon Nov 16 23:07:33 2015 : Debug:       require_message_authenticator = no
Mon Nov 16 23:07:33 2015 : Debug:       secret = "testing123"
Mon Nov 16 23:07:33 2015 : Debug:       nastype = "other"
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Instantiating modules ####
Mon Nov 16 23:07:33 2015 : Debug:  instantiate {
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_exec, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_exec
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "exec" from file /etc/opt/csw/freeradius/modules/exec.CSW
Mon Nov 16 23:07:33 2015 : Debug:   exec {
Mon Nov 16 23:07:33 2015 : Debug:       wait = no
Mon Nov 16 23:07:33 2015 : Debug:       input_pairs = "request"
Mon Nov 16 23:07:33 2015 : Debug:       shell_escape = yes
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_expr, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_expr
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "expr" from file /etc/opt/csw/freeradius/modules/expr.CSW
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_expiration, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_expiration
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "expiration" from file /etc/opt/csw/freeradius/modules/expiration.CSW
Mon Nov 16 23:07:33 2015 : Debug:   expiration {
Mon Nov 16 23:07:33 2015 : Debug:       reply-message = "Password Has Expired  "
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_logintime, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_logintime
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "logintime" from file /etc/opt/csw/freeradius/modules/logintime.CSW
Mon Nov 16 23:07:33 2015 : Debug:   logintime {
Mon Nov 16 23:07:33 2015 : Debug:       reply-message = "You are calling outside your allowed timespan  "
Mon Nov 16 23:07:33 2015 : Debug:       minimum-timeout = 60
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Loading Virtual Servers ####
Mon Nov 16 23:07:33 2015 : Debug: server { # from file /etc/opt/csw/freeradius/radiusd.conf
Mon Nov 16 23:07:33 2015 : Debug:  modules {
Mon Nov 16 23:07:33 2015 : Debug:  Module: Checking authorize {...} for more modules to load
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_pap, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_pap
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "pap" from file /etc/opt/csw/freeradius/modules/pap.CSW
Mon Nov 16 23:07:33 2015 : Debug:   pap {
Mon Nov 16 23:07:33 2015 : Debug:       encryption_scheme = "auto"
Mon Nov 16 23:07:33 2015 : Debug:       auto_header = no
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_chap, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_chap
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "chap" from file /etc/opt/csw/freeradius/modules/chap.CSW
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_mschap, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_mschap
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "mschap" from file /etc/opt/csw/freeradius/modules/mschap.CSW
Mon Nov 16 23:07:33 2015 : Debug:   mschap {
Mon Nov 16 23:07:33 2015 : Debug:       use_mppe = yes
Mon Nov 16 23:07:33 2015 : Debug:       require_encryption = no
Mon Nov 16 23:07:33 2015 : Debug:       require_strong = no
Mon Nov 16 23:07:33 2015 : Debug:       with_ntdomain_hack = no
Mon Nov 16 23:07:33 2015 : Debug:       allow_retry = yes
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_digest, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_digest
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "digest" from file /etc/opt/csw/freeradius/modules/digest.CSW
Mon Nov 16 23:07:33 2015 : Debug:  } # modules
Mon Nov 16 23:07:33 2015 : Debug: } # server
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Opening IP addresses and Ports ####
Mon Nov 16 23:07:33 2015 : Debug: listen {
Mon Nov 16 23:07:33 2015 : Debug:       type = "auth"
Mon Nov 16 23:07:33 2015 : Debug:       ipaddr = *
Mon Nov 16 23:07:33 2015 : Debug:       port = 0
Mon Nov 16 23:07:33 2015 : Debug: }
Mon Nov 16 23:07:33 2015 : Debug:  ... adding new socket proxy address * port 62647
Mon Nov 16 23:07:33 2015 : Debug: Listening on authentication address * port 1812
Mon Nov 16 23:07:33 2015 : Debug: Listening on proxy address * port 1814
Mon Nov 16 23:07:33 2015 : Info: Ready to process requests.


I've used the following command to run the 'radtest'

Code:
bash-3.2# pwd
/opt/csw/bin
bash-3.2# ./radtest radtest abc123 127.0.0.1 0 testing123
Sending Access-Request of id 128 to 127.0.0.1 port 1812
        User-Name = "radtest"
        User-Password = "abc123"
        NAS-IP-Address = 10.100.9.14
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=128, length=20
bash-3.2#


when run the above command the following output is seen in the debugging window

Code:
rad_recv: Access-Request packet from host 127.0.0.1 port 62653, id=128, length=77
        User-Name = "radtest"
        User-Password = "abc123"
        NAS-IP-Address = 10.100.9.14
        NAS-Port = 0
        Message-Authenticator = 0x5f41bc1a41222ae7d66615eedc5caf85
Mon Nov 16 23:11:07 2015 : Debug: # Executing section authorize from file /etc/opt/csw/freeradius/radiusd.conf
Mon Nov 16 23:11:07 2015 : Debug: +- entering group authorize {...}
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: calling pap (rlm_pap) for request 1
Mon Nov 16 23:11:07 2015 : Debug: WARNING! No "known good" password found for the user.  Authentication may fail because of this.
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: returned from pap (rlm_pap) for request 1
Mon Nov 16 23:11:07 2015 : Debug: ++[pap] returns noop
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: calling chap (rlm_chap) for request 1
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: returned from chap (rlm_chap) for request 1
Mon Nov 16 23:11:07 2015 : Debug: ++[chap] returns noop
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: calling mschap (rlm_mschap) for request 1
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: returned from mschap (rlm_mschap) for request 1
Mon Nov 16 23:11:07 2015 : Debug: ++[mschap] returns noop
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: calling digest (rlm_digest) for request 1
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: returned from digest (rlm_digest) for request 1
Mon Nov 16 23:11:07 2015 : Debug: ++[digest] returns noop
Mon Nov 16 23:11:07 2015 : Debug: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Mon Nov 16 23:11:07 2015 : Debug: Failed to authenticate the user.
Mon Nov 16 23:11:07 2015 : Debug: Delaying reject of request 1 for 1 seconds
Mon Nov 16 23:11:07 2015 : Debug: Going to the next request
Mon Nov 16 23:11:07 2015 : Debug: Waking up in 0.9 seconds.
Mon Nov 16 23:11:08 2015 : Debug: Sending delayed reject for request 1
Sending Access-Reject of id 128 to 127.0.0.1 port 62653
Mon Nov 16 23:11:08 2015 : Debug: Waking up in 4.9 seconds.
Mon Nov 16 23:11:13 2015 : Debug: Cleaning up request 1 ID 128 with timestamp +214
Mon Nov 16 23:11:13 2015 : Info: Ready to process requests.


my user file inside "/etc/opt/csw/freeradius" is as follows

Code:
bash-3.2# pwd
/etc/opt/csw/freeradius
bash-3.2# cat users 
radtest Cleartext-Password := "abc123"
#radtest Auth-Type := local,  User-Password == "abc123",Expiration = "Jan 10 2017"
#         Service-Type = Login-User,
#         Acme-User-Class = admin,
#         Acme-User-Privilege = sftpForAll

#
#       Please read the documentation file ../doc/processing_users_file,
#       or 'man 5 users' (after installing the server) for more information.
#
#       This file contains authentication security and configuration
#       information for each user.  Accounting requests are NOT processed
#       through this file.  Instead, see 'acct_users', in this directory.
#
#       The first field is the user's name and can be up to
#       253 characters in length.  This is followed (on the same line) with
#       the list of authentication requirements for that user.  This can
#       include password, comm server name, comm server port number, protocol
#       type (perhaps set by the "hints" file), and huntgroup name (set by
#       the "huntgroups" file).
#
#       If you are not sure why a particular reply is being sent by the
#       server, then run the server in debugging mode (radiusd -X), and
#       you will see which entries in this file are matched.
#
#       When an authentication request is received from the comm server,
#       these values are tested. Only the first match is used unless the
#       "Fall-Through" variable is set to "Yes".
#
#       A special user named "DEFAULT" matches on all usernames.
#       You can have several DEFAULT entries. All entries are processed
#       in the order they appear in this file. The first entry that
#       matches the login-request will stop processing unless you use
#       the Fall-Through variable.
#
#       If you use the database support to turn this file into a .db or .dbm
#       file, the DEFAULT entries _have_ to be at the end of this file and
#       you can't have multiple entries for one username.
#
#       Indented (with the tab character) lines following the first
#       line indicate the configuration values to be passed back to
#       the comm server to allow the initiation of a user session.
#       This can include things like the PPP configuration values
#       or the host to log the user onto.
#
#       You can include another `users' file with `$INCLUDE users.other'
#

#
#       For a list of RADIUS attributes, and links to their definitions,
#       see:
#
#       
#

#
# Deny access for a specific user.  Note that this entry MUST
# be before any other 'Auth-Type' attribute which results in the user
# being authenticated.
#
# Note that there is NO 'Fall-Through' attribute, so the user will not
# be given any additional resources.
#
#lameuser       Auth-Type := Reject
#               Reply-Message = "Your account has been disabled."

#
# Deny access for a group of users.
#
# Note that there is NO 'Fall-Through' attribute, so the user will not
# be given any additional resources.
#
#DEFAULT        Group == "disabled", Auth-Type := Reject
DEFAULT  Auth-Type = System
#               Reply-Message = "Your account has been disabled."
#

#
# This is a complete entry for "steve". Note that there is no Fall-Through
# entry so that no DEFAULT entry will be used, and the user will NOT
# get any attributes in addition to the ones listed here.
#
#steve  Cleartext-Password := "testing"
#       Service-Type = Framed-User,
#       Framed-Protocol = PPP,
#       Framed-IP-Address = 172.16.3.33,
#       Framed-IP-Netmask = 255.255.255.0,
#       Framed-Routing = Broadcast-Listen,
#       Framed-Filter-Id = "std.ppp",
#       Framed-MTU = 1500,
#       Framed-Compression = Van-Jacobsen-TCP-IP

#
# This is an entry for a user with a space in their name.
# Note the double quotes surrounding the name.
#
#"John Doe"     Cleartext-Password := "hello"
#               Reply-Message = "Hello, %{User-Name}"

#
# Dial user back and telnet to the default host for that port
#
#Deg    Cleartext-Password := "ge55ged"
#       Service-Type = Callback-Login-User,
#       Login-IP-Host = 0.0.0.0,
#       Callback-Number = "9,5551212",
#       Login-Service = Telnet,
#       Login-TCP-Port = Telnet

#
# Another complete entry. After the user "dialbk" has logged in, the
# connection will be broken and the user will be dialed back after which
# he will get a connection to the host "timeshare1".
#
#dialbk Cleartext-Password := "callme"
#       Service-Type = Callback-Login-User,
#       Login-IP-Host = timeshare1,
#       Login-Service = PortMaster,
#       Callback-Number = "9,1-800-555-1212"

#
# user "swilson" will only get a static IP number if he logs in with
# a framed protocol on a terminal server in Alphen (see the huntgroups file).
#
# Note that by setting "Fall-Through", other attributes will be added from
# the following DEFAULT entries
#
#swilson        Service-Type == Framed-User, Huntgroup-Name == "alphen"
#               Framed-IP-Address = 192.168.1.65,
#               Fall-Through = Yes

#
# If the user logs in as 'username.shell', then authenticate them
# using the default method, give them shell access, and stop processing
# the rest of the file.
#
#DEFAULT        Suffix == ".shell"
#               Service-Type = Login-User,
#               Login-Service = Telnet,
#               Login-IP-Host = your.shell.machine


#
# The rest of this file contains the several DEFAULT entries.
# DEFAULT entries match with all login names.
# Note that DEFAULT entries can also Fall-Through (see first entry).
# A name-value pair from a DEFAULT entry will _NEVER_ override
# an already existing name-value pair.
#

#
# Set up different IP address pools for the terminal servers.
# Note that the "+" behind the IP address means that this is the "base"
# IP address. The Port-Id (S0, S1 etc) will be added to it.
#
#DEFAULT        Service-Type == Framed-User, Huntgroup-Name == "alphen"
#               Framed-IP-Address = 192.168.1.32+,
#               Fall-Through = Yes

#DEFAULT        Service-Type == Framed-User, Huntgroup-Name == "delft"
#               Framed-IP-Address = 192.168.2.32+,
#               Fall-Through = Yes

#
# Sample defaults for all framed connections.
#
#DEFAULT        Service-Type == Framed-User
#       Framed-IP-Address = 255.255.255.254,
#       Framed-MTU = 576,
#       Service-Type = Framed-User,
#       Fall-Through = Yes

#
# Default for PPP: dynamic IP address, PPP mode, VJ-compression.
# NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected
#       by the terminal server in which case there may not be a "P" suffix.
#       The terminal server sends "Framed-Protocol = PPP" for auto PPP.
#
DEFAULT Framed-Protocol == PPP
        Framed-Protocol = PPP,
        Framed-Compression = Van-Jacobson-TCP-IP

#
# Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
#
DEFAULT Hint == "CSLIP"
        Framed-Protocol = SLIP,
        Framed-Compression = Van-Jacobson-TCP-IP

#
# Default for SLIP: dynamic IP address, SLIP mode.
#
DEFAULT Hint == "SLIP"
        Framed-Protocol = SLIP

#
# Last default: rlogin to our main server.
#
#DEFAULT
#       Service-Type = Login-User,
#       Login-Service = Rlogin,
#       Login-IP-Host = shellbox.ispdomain.com

# #
# # Last default: shell on the local terminal server.
# #
# DEFAULT
#       Service-Type = Administrative-User

# On no match, the user is denied access.
bash-3.2#

Kindly let me know if any of you can find about what went wrong here.

Thanks in advanced
Buddhike G

Last edited by vbe; 11-16-2015 at 11:25 AM.. Reason: code tags not icode...
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Solaris

User authentication failed while log in Solaris 8 client on Linux NIS server.

Based on the NIS migration tests I did and another question I posted earlier on. https://www.unix.com/solaris/272021-solaris-8-md5-encryption-support.html I tried to downgrade NIS linux encryption to DES to support solaris connection. So I modified /etc/pam.d/system-auth as below, password... (0 Replies)
Discussion started by: bestard
0 Replies

2. Red Hat

Failed to su to user

I am unable to su to functional user, though changed the soft-hard limit for open files in limits.conf. The following command did not help.ulimit -n <value>While su to user, the error I am getting is -su: cannot set user id: Resource temporarily unavailableWhether I need to restart the application... (1 Reply)
Discussion started by: atanubanerji
1 Replies

3. Red Hat

Failed password for invalid user

Dear All , I have created a user named X and gave sudo permissions for it , So that it can access some commands as root. This particular user can login to the server using SSH login through putty any where with in the network. But there is some issue , when the same user is trying from... (4 Replies)
Discussion started by: jegaraman
4 Replies

4. Red Hat

Connect Direct - XSMG242I -Create user profile - sdsc_create failed

HI, I have two Linux servers on which IBM Sterling ConnectDirect is installed. I want to transfer a file from server(abc20) to abc19. I have edited userfile.cfg & netmap.cfg on both the server still file transfer is not happening. Also the file is getting transferred from abc20 to abc20 itself... (5 Replies)
Discussion started by: ABM_CD
5 Replies

5. UNIX for Dummies Questions & Answers

block user account after failed password

hi guys I have Centos 5.4 The idea is lock the user account for 3 minutes after he has entered his password incorrectly 3 times. I've modified /etc/pam.d/system-auth auth required pam_tally.so onerr=fail per_user deny=3 account required pam_tally.so resetbesides... (3 Replies)
Discussion started by: kopper
3 Replies

6. IP Networking

Freeradius & active directory

Hello, I am trying to authenticate through PEAP/mschap with freeradius 2.x and Active Directory. I have followed this guide: Deploying RADIUS: Configuring Authentication with Active Directory wbinfo works: # wbinfo -a LOGIN%PASSWORD plaintext password authentication failed Could not... (0 Replies)
Discussion started by: sncr24
0 Replies

7. UNIX for Advanced & Expert Users

FreeRADIUS VMPS Configuration

I could use some help with freeradius configuration. If there is any expert user out there kind enough to give me a hand, would really appreciate it. Goal: We are trying to use the freeRADIUS server's VMPS integration feature. Unfortunately the wiki pages do not have real life deployment... (0 Replies)
Discussion started by: mushfiqul
0 Replies

8. Shell Programming and Scripting

tcsh user failed to call library in ksh program

Hi folks, I'm trying to organize functions in my ksh program into libraries. If I run my program as any ksh user it will succeed. Only when I run my program as tcsh user (i.e oracle) I failed. Example ======= The ksh code: tornado:/tmp # cat nir.ksh #! /bin/ksh cdromPath=`pwd`... (1 Reply)
Discussion started by: nir_s
1 Replies
Login or Register to Ask a Question