Reply
New Member
Posts: 9
Registered: ‎09-06-2018
Kudos: 2

ucrm and freeradius

Link for the script is bellow on my github. Make sure you view the read me and if you have any questions just ask. I'll be happy to help and if you work in python and want to help improve the script join in.

https://github.com/jhooper94/ucrm-freeradius-auth

New Member
Posts: 5
Registered: a week ago

Re: ucrm and freeradius

Hi jhoop,

 

Thanks for taking the time to get all those scripts set up.

We are just doing some testing with uCRM, and one of the 'must haves' was Radius authentication.  I hope others are finding this useful.

Anyhow, first some feedback.

1. In ucrmsetup.py, there are 4 instances where you have written 'Inter . . .', that should read 'Enter . . . '.

2. When I got to the part "Go to http://,address of server,/daloradius", the page timed out.  After I manually opened ports 80 & 443, then the page loaded just fine.  Maybe you could add that to your script.

3. Also with the above you might like to mention that the default password for daloradius is 'radius'.  I didn't know, but managed to find it online.

 

Now, I need some guidance.  Man Happy

As mentioned above, we are just testing uCRM at the moment, and only have one client and 3 service plans (for testing).

After running "python master.py", in Daloradius I don't see any data.  Is that expected?

So, I ran the master.py script again and got the following:

root@radcrm:/# python master.py
Traceback (most recent call last):
File "master.py", line 6, in <module>
config.readfp(open(r'config.ini'))
File "/usr/local/lib/python2.7/dist-packages/backports/configparser/__init__.py", line 760, in readfp
self.read_file(fp, source=filename)
File "/usr/local/lib/python2.7/dist-packages/backports/configparser/__init__.py", line 715, in read_file
self._read(f, source)
File "/usr/local/lib/python2.7/dist-packages/backports/configparser/__init__.py", line 1078, in _read
lineno)
backports.configparser.DuplicateSectionError: While reading from 'config.ini' [line 15]: section 'ucrm' already exists

 

Not sure if the above are errors or not, but I was expecting to see my 1 client in Daloradius under Management > List Users.  But there was nothing there.

 

Could you let me know if I have done something wrong here, and whether I am supposed to enter anything manually.

 

Also, in your README you say "everytime a package change or device mac address is added or changed you will have to run it".   Do you mean run master.py or run everything from setup.sh ?

 

Thanks,

Ken

New Member
Posts: 5
Registered: a week ago

Re: ucrm and freeradius

Update:

Resolved that error by editing the config.ini file.  Everything appears to have run smoothly.

Yet, I don't see any clients in the daloradius.  Should there be?

 

The next question will be:  How to integrate this into uCRM?  Will clients be able to authenticate with Radius?

 

Thanks

New Member
Posts: 9
Registered: ‎09-06-2018
Kudos: 2

Re: ucrm and freeradius

If you go to User-Groups under management and click list user-groups mapping you will see all the clients mac address and the plan you created mapped to them. I have also updated the master.py script to add a progress bar since when you get to nearly 2000 clients it takes a little while for it to run. Thank you for pointing out my mistake I probably wouldn't have noticed it. Sorry for the late reply.

New Member
Posts: 5
Registered: a week ago

Re: ucrm and freeradius

Hi jhoop, Thanks for your reply, but still having issues.

Trying to think about what or where this is going wrong and I recall last week that at some point in the scripting process I saw a message saying "It didn't work".


I found that message in 'stage2.py'. Please note that I am not a programmer, but I wonder if that is caused by this line:
cursor.execute('GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "radiuspassword"')

'radiuspassword' doesn't seem to be defined, but 'password' is. Should that read 'password' instead of 'radiuspassword'.

 

I went ahead and manually set the password in mysql (GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "12345678").

 

On completion of 'master.py' I got this:
root@radcrm:/# python master.py
Table is now empty Prepairing to load clients into database
Loading Clients: [########################################] 99/99
All Clients loaded.

 

But, when i check in Daloradius, there is nothing there. Mysql shows this:

MariaDB [radius]>
MariaDB [radius]> select * from radcheck;
Empty set (0.000 sec)

MariaDB [radius]> select * from radusergroup;
Empty set (0.000 sec)

MariaDB [radius]> select * from userinfo;
Empty set (0.000 sec)


Any ideas?

Thanks, Ken

Highlighted
New Member
Posts: 9
Registered: ‎09-06-2018
Kudos: 2

Re: ucrm and freeradius

Check your API key. The only way I could recreate the problem is making sure the API key was wrong. Which makes two problems with the script next update will verifiy key is good and verify it did write data to the database properly. 

New Member
Posts: 5
Registered: a week ago

Re: ucrm and freeradius

Got it.   Hurray

 

I didn't realize that you had hard-coded the mysql password.  After I had manually changed the radius user's password, then radius couldn't start up because "Couldn't connect to MySQL server radius@localhost:radius".

 

I reset the password as per the pwd in ../mods-enabled/sql , started radiusd, then ran 'python master.py' and the data now shows in daloradius.

 

Thanks for all your help so far.  Now, to see what we can do with this.

 

Cheers2

New Member
Posts: 5
Registered: a week ago

Re: ucrm and freeradius

I just noticed that the following lines in python.py don't get entered into the db:

sql5 = """INSERT INTO userinfo (username, firstname, lastname) VALUES ('"""

sql6 = """)"""

 

If you check at the bottom of python.py, you can see that it enters the values of sql, sql1, sql2, sql3 and sql4, but not sql5 & 6.

 

The userinfo table is empty.

New Member
Posts: 9
Registered: ‎09-06-2018
Kudos: 2

Re: ucrm and freeradius

SQL5&6 are still in testings. They are not ready to write into the database because it is causing errors that I am working on. The mysql password isn't hard coded you set the password yourself. The database is hard coded on how it is set up, but the code actually passes the password you set along so that it could do what is needed.
Reply