Authentication error in freeradius server - mysql

I have installed freeradius server on Ubuntu-14.04, when I try take radtest on server using, radtest -x bob root123 127.0.0.1 1812 testing123
I get following error when I run freeradius -X,
[sql] User bob not found
++[sql] returns notfound >++[expiration] returns noop >++[logintime] returns noop >[pap] WARNING! No "known good" password found for the user. >Authentication may fail because of this. >++[pap] returns noop >ERROR: No authenticate method (Auth-Type) found for the request: >Rejecting the user >Failed to authenticate the user >Using Post-Auth-Type Reject
I have added user in users file, bob Cleartext-Password := "root123"
In eap.conf file, default_eap_type = peap
Still getting an error, can anyone help me to resolve my issue?

Have you enabled the text-file as a valid source for your users?
The error message seems like you just enabled sql but not the
#
# Read the 'users' file
files
in the sites-enabled/default (and innter-tunnel)
Hopefully this fixes your problem

Related

Getting error 400 - registration error when run sym command and how to perform two way sync using SymmetricDS

I am trying to sync two database on same machine(just for testing) using symmetricDS. I have performed below installation steps.
Two copy of Symmetric set up ,sym-corp and sym-store
Corp and store 's property file are set up for mysql DB.
registered the copr
bin\sysadmin --engin corp-000 open-registration store 001
Start sym cmd but throwing below error
bin\sym --engine store-001 --port 8080
[store-001] [DataLoaderService] [store-001-job-3] Using registration > URL of http://localhost:8080/sync/corp-000/registration 2021-01-08
WARN [store-001] [SymmetricServlet] [qtp1325866488-13] > The request
path of the url could not be handled. Check the > engine.name of the
target node vs. the sync URL of the source node.> The request was
/corp-000/registration from the host 127.0.0.1 with an ip address of
127.0.0.1.
[store-001] [RegistrationService] [store-001-job-3] Unexpected error during registration: Received an unexpected response code of 400 from the server StackTraceKey [HttpException:3422623218]
Don't know What is this error, I am trying to clear my base but still no luck yet. I have reviewed official tutorial link but still no luck.
Could you please help me with below queries. This will be great help and also useful for all beginners.
Can you run multiple sym instance on same machine ?
Once set up done Should I run sync for both corp and store ?
Corp and Store 's configuration are correct or not ? if not what is incorrect and why ?
What other steps are missing to run two way syc ?
the problem may be with the line
registration.url=sync.url=http://localhost:8080/sync/corp-000
in corp-000.properties. could you try splitting it to two lines:
registration.url=
sync.url=http://localhost:8080/sync/corp-000

Why I am always getting "inexistent-host" error?

I installed ejabberd 20.07 on Ubuntu and set domain name as faiqkhan-VirtualBox and set user-admin name as admin and password to 123456. I also check install.log file it shows
User admin#faiqkhan-VirtualBox successfully registered. I also checked using command ./ejabberctl registered_users faiqkhan-VirtualBox it returns my user name admin. I don't know why it always giving error Access of <<"admin#faiqkhan-VirtualBox">> from <<"::ffff:127.0.0.1">> failed with error: <<"inexistent-host">> while logging in.
After changing the given URL http://localhost:5280/admin/ to my host http://faiqkhan-VirtualBox:5280/admin/ I successfully logged in.
As the error message states the host (#domain) is non-existent.
You will need to add it to your ejabberd.yml under hosts e.g. for localhost:
hosts:
- "faiqkhan-VirtualBox"
- "localhost"
Or for admin#faiqkhan.com (username admin and hostname faiqkhan.com)
hosts:
- "faiqkhan-VirtualBox"
- "faiqkhan.com"
Cheers

SendGrid misconfiguration on Google Cloud (535 Authentication failed)

So I've installed SendGrid on GoogleCE with Centos base following the documented instruction from Google:
[https://cloud.google.com/compute/docs/tutorials/sending-mail/using-sendgrid#before-you-begin][1]
Using the test from the command line (various accounts):
echo 'MESSAGE' | mail -s 'SUBJECT' GJ******#gmail.com
the /var/log/maillog says with several lines of 50 or so attempts in 1 second:
postfix/error[32324]: A293210062D7: to=<GJ********#gmail.com>, relay=none, delay=145998, delays=145997/1.2/0/0, dsn=4.0.0, status=deferred (delivery temporarily suspended: SASL authentication failed; server smtp.sendgrid.net[167.89.115.53] said: 535 Authentication failed: The provided authorization grant is invalid, expired, or revoked)
And the message is queued up and retried every few hours. Now, messing around, I could change the port setting from 2525 to one of the regular ports that isn't blocked by google and the email gets bounced right away to the user account in the mail test message.
I made sure to use the api key generated, the SendGrid system say no attempt have been made or bounced or whatever.
There were other errors in the maillog, actually as it tries every second, pages of them, but I change the perms in that directory so no longer, but maybe gives a clue to how it's misconfigured?
Oct 31 19:04:14 beadc postfix/pickup[15119]: fatal: chdir("/var/spool/postfix"): Permission denied
Oct 31 19:04:15 beadc postfix/master[1264]: warning: process /usr/libexec/postfix/qmgr pid 15118 exit status 1
Oct 31 19:04:15 beadc postfix/master[1264]: warning: /usr/libexec/postfix/qmgr: bad command startup -- throttling
Oct 31 19:04:15 beadc postfix/master[1264]: warning: process /usr/libexec/postfix/pickup pid 15119 exit status 1
Oct 31 19:04:15 beadc postfix/master[1264]: warning: /usr/libexec/postfix/pickup: bad command startup -- throttling
The only info I can find searching about the error is that it means a SendGrid misconfiguration.
Any ideas as to what the misconfiguration might be?
I've determined the 535 error was a port/firewall issue. Which means that the 550 error I had on the other port still exists.
Check your firewall settings on 535
[https://cloud.google.com/compute/docs/tutorials/sending-mail/][1]

fiware POI: cannot add poi: always unauthorized

I have two instances:
keyrock
Poi with wilma-proxy
Trying to create a poi in instance, allways the response is 401 Permission denied. But token is correct as said proxy log:
2016-10-14 09:40:30.132 - INFO: IDM-Client - Token in cache, checking timestamp...
2016-10-14 09:40:30.135 - INFO: IDM-Client - Token in cache expired
2016-10-14 09:40:30.136 - INFO: IDM-Client - Checking token with IDM...
2016-10-14 09:40:30.342 - INFO: Root - Access-token OK. Redirecting to app...
Refused to set unsafe header "content-length"
2016-10-14 09:40:30.366 - ERROR: HTTP-Client - Error: 401 Permission denied.
So, i think the problem is the authenticate.html file. The only lines i changed are:
<meta name="fiware_lab-signin-client_id"
content="8dc5826cdaea4729a4f43a01d01cb32e">
<meta name="fiware_lab-signin-host" content="http://myserver.com:8000">
fiware_lab-signin-client_id has the client_id of application POI created in my keyrock instance.
the fiware_lab-signin-host has the server AND port of horizon.
Is that correct? I try with 5000 port (keystone) without results.
Also, I found this in add_poi.php:
$session = get_session();
$user_id = $session['user'];
$add_permission = $session['permissions']['add'];
if(!$add_permission) {
header("HTTP/1.0 401 Unauthorized");
die("Permission denied.");
}
If comment these lines, all proccess seems to be correct until the sql insert. (needs the $session['user'] and other parameters that are null)
I dont understand why these lines are there. also, the function get_session() returns a hardcoded array and not the session (which may not have)
I'm so confused how to use this enabler. Anyone knows how to use?
Have you configured the auth_conf.json file with the root user(s) of the POI-DP? Configuring hard users The POI-DP considers the Keystone as a general identity provider (as Google+). You have to separately give permissions to the POI-DP users, first configuring the root users with all privileges and then they can call other users using user_management.html . Site Administration
Please, use the tag fiware-poi for quicker response to POI-DP questions.

Smtp error 451 Temporary local - please try later on Cpanel Server

I have a Cpanel Server.
It send emails correctly expect from 1 domain which hosted on the server , so when I try to send email from that domain using roundcube or Horde I got the errror
SMTP Error (451): Failed to add recipient "recipient#exmple.com" (Temporary local problem - please try later).
does anyone know why and how to fix this?
I found the porblem:
After reviewing the file /var/log/exim_mainlog using
tail -f /var/log/exim_mainlog
I noticed that the error was:
2013-05-29 20:04:28 SMTP connection from [127.0.0.1]:36797 (TCP/IP connection count = 1)
2013-05-29 20:04:28 lowest numbered MX record points to local host: domain.com (while verifying <user#domain.com> from host localhost.localdomain (domain.com) [127.0.0.1]:36797)
2013-05-29 20:04:28 H=localhost.localdomain (domain.com) [127.0.0.1]:36797 sender verify defer for <user#domain.com>: lowest numbered MX record points to local host
2013-05-29 20:04:28 H=localhost.localdomain (domain.com) [127.0.0.1]:36797 F=<user#domain.com> A=dovecot_login:narena temporarily rejected RCPT <recipient#exmple.com>: Could not complete sender verify
2013-05-29 20:04:28 SMTP connection from localhost.localdomain (domain.com) [127.0.0.1]:36797 closed by QUIT
so the main problem was:
lowest numbered MX record points to local host
after couple of search I found the soluation in http://forums.cpanel.net/f5/lowest-numbered-mx-record-points-local-host-73563.html
which was to:
login to WHM and go to Main >> DNS Functions >> Edit MX Entry for the domain
set MX priority to 0 for the related domain and save.
I had the same problem after running a script to fix directory permissions on a cPanel-powered server (CentOS 6.5). I checked the logfile (tail -f /var/log/exim_mainlog) and found this error:
require_files: error for /home/user_name/etc/domain.com: Permission denied
Just ran the following command and the issue was fixed:
chown -R user_name:mail /home/user_name/etc/
Hope this helps someone.
check the the file /var/log/exim_mainlog to see more information about the error
tail -f /var/log/exim_mainlog
while trying to send email
Check your MX Entry in Cpanel, if the existing domain priority is less than or equals to 0, set it to 1. Mine is fixed. Hope it will help you.
Wow, after about an hour of searching and meddling with different files, I'd caution any novice not to venture out editing anything before you have a backup or image if your server, as you can cause irrevocable damage to your server. So many people talking garbage about what you should do or test without any real solution.
Anyways, here's what worked for me:
Real problem: Exim was updated to latest version which has loads of bugs like this issue.
How I fixed my server:
Authenticate to Linux via SSH and run the command lines through which we download and install the old version of EXIM.
Command Line 1: wget https://ca1.dynanode.net/exim-4.93-3.el7.x86_64.rpm
Command Line 2: rpm -Uvh --oldpackage exim-4.93-3.el7.x86_64.rpm
Command Line 3: systemctl restart exim
Command Line 4: Systemctl restart clamd
Command Line 5: systemctl restart spamassassin
Optional: just type "Reboot" to restart your server
The command lines above does the following:
Downloads the old package (I'm sure you can google other sources with this file)
Install the old package without prompt
Restart the Exim service
Restart the Clamd Service (AV)
Restart the spamassassin service (Spam Filter)
Restart outlook or whatever you use for mail client and send an email. Mine works, hope yours do too.