Fresh Install PID but I get "Auth-Type EAP' section."

Hi,
I try to Install PID on Centos7 by using directive in Two-Factor-Authentication with OTP on Centos7
When I came to Test Freeradius step, I got an error while run freeradius in debug mode :slight_smile:

freeradius -X


Instantiating module “eap” from file /etc/raddb/mods-enabled/eap
/etc/raddb/mods-enabled/eap[14]: Failed to find ‘Auth-Type EAP’ section. Cannot authenticate users.
/etc/raddb/mods-enabled/eap[14]: Instantiation failed for module "eap"

can you have any idea why happen this?

Hi and welcome to the forum,
the linked HowTo is quite outdated and will be replaced soon.
Centos7 uses FreeRadius 3.0 which changes the config, maybe this post might help:

Sorry but I dont’t understand. The link that Is shared, is exactly same that you offer.
Anser not clear for me. But, you mean I’ve to change
/etc/raddb/sites-available/privacyidea file according to Provide config for packing for FreeRADIUS2 and 3 ?

Do I have to delete old one:

server default {
listen {
type = auth
ipaddr = *
port = 0
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
listen {
ipaddr = *
port = 0
type = acct
limit {
}
}

authorize {
preprocess
digest
suffix
ntdomain
files
expiration
logintime
pap
update control {
Auth-Type := Perl
}
}

authenticate {
Auth-Type Perl {
perl
}
digest
}

preacct {
suffix
files
}

accounting {
detail
}

session {
}
post-auth {
}
pre-proxy {
}
post-proxy {
}
}

And Write this?

server {
authorize {
files
perl
if (ok || updated) {
update control {
Auth-Type := Perl
}
}
}
listen {
type = auth
ipaddr = *
port = 0
}
authenticate {
Auth-Type Perl {
perl
}
}
}

Freeradius versions is 3.0.13
And I change /etc/raddb/sites-available file as:

server {
        authorize {
                #files
                perl
                if (ok || updated) {
                        update control {
                                Auth-Type := Perl
                        }
                }
        }
	listen {
                type = auth
                ipaddr = *
                port = 0
        }
	authenticate {
                Auth-Type Perl {
                        perl
                }
        }
}

And /etc/raddb/mods-available as:

perl {
#filename = ${modconfdir}/${.:instance}/example.pl
#filename = ${modconfdir}/${.:instance}/privacyidea_radius.pm
filename = /etc/raddb/mods-config/perl/privacyidea_radius.pm
}

But nothing change. Still I get same error.

Delete this file: /etc/raddb/mods-enabled/eap (which actually is a link)
It fails to initialize eap. You are not using eap. So the logical step is to disable eap (by deleting the file.

Use

radius -X

to run freeradius in debug mode. Read the output and try to understand that.
Buy this book: https://www.amazon.com/FreeRADIUS-Beginners-Guide-Dirk-Walt/dp/1849514089
It is a bit outdated but it is still a good introduction to freeradius.

Use the radclient tool to check your authentication.
https://privacyidea.readthedocs.io/en/latest/application_plugins/index.html?highlight=radclient#freeradius

FreeRADIUS has a great debug output when running with the -X option.