Re: TLS Alert write:fatal:bad record mac

2011-06-15 Thread Phil Mayers
On 06/15/2011 03:20 AM, Angus JIANG Jian wrote: Hi, My radius version is .1.6, for redhat workstation 5 32bit [root@npsradius ~]# radiusd -v radiusd: FreeRADIUS Version 1.1.6, for host i686-pc-linux-gnu, built on Feb 5 2009 at 16:54:58 This is ancient. Upgrade to 2.1.10. You will need to

Re: Auth: rlm_krb5: [test1@CSP-BACK] krb5_rd_req() failed: Permission denied in replay cache code

2011-06-15 Thread Phil Mayers
On 06/14/2011 09:44 PM, Jimmy wrote: I have Kerberos 1.6 configured to use OpenLDAP 2.3.43 as a back end. I am trying to configure Freeradius 2.1.7 to authenticate to Kerberos. My advice would be to investigate having FreeRADIUS pull the user info (secrets etc.) direct from LDAP. It'll save

Re: Mysql Errors

2011-06-15 Thread Alan DeKok
Stefan A. wrote: is there an option to turn just SQL Errors and warnings on, to be written to disk? They should be logged by default. My opinion is that it is not FR that is ignoring attributes, but SQL that is simply not delivering them ... from time to time, possibly by timeouts I assume, that FR

Re: Wiki - Once upon a time there was documentation

2011-06-15 Thread Dirk van der Walt
Hi, I've picked up the following 'missing' pages: The originals were: http://wiki.freeradius.org/Fail-over http://wiki.freeradius.org/Load_balancing http://wiki.freeradius.org/List_of_modules

Re: Wiki - Once upon a time there was documentation

2011-06-15 Thread Arran Cudbard-Bell
Ugh, that's really weird. I put together a set of patches to specifically fix this behaviour... and they work fine on their own in their own branch; something must have gone wrong with another patch, maybe the TOC stuff. I'll look into it. -Arran On Jun 15, 2011, at 11:48 AM, Dirk van der Walt

Re: Auth: rlm_krb5: [test1@CSP-BACK] krb5_rd_req() failed: Permission denied in replay cache code

2011-06-15 Thread g17jimmy
I haven't yet done a test using strace but wanted to add what I did find when I got started this morning. If I attempt to authenticate with the user test1, password `qwer` (the correct password,) I get this response: Wed Jun 15 08:40:19 2011 : Auth: rlm_krb5: [test1@CSP-BACK] krb5_rd_req()

Re: TLS Alert write:fatal:bad record mac

2011-06-15 Thread John Dennis
On 06/14/2011 10:20 PM, Angus JIANG Jian wrote: Hi, My radius version is .1.6, for redhat workstation 5 32bit [root@npsradius ~]# radiusd -v radiusd: FreeRADIUS Version 1.1.6, for host i686-pc-linux-gnu, built on Feb 5 2009 at 16:54:58 RHEL 5 has the FreeRADIUS 2.x packages but under the

If in post-auth

2011-06-15 Thread seb2020
/%{Client-IP-Address}/reply-detail-%Y%m%d - /var/log/radius/radacct/153.109.XXX/reply-detail-20110615 [reply_log] /var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /var/log/radius/radacct/153.109XXX/reply-detail-20110615 [reply_log] expand: %t - Wed Jun 15 15:55:01 2011

Re: Auth: rlm_krb5: [test1@CSP-BACK] krb5_rd_req() failed: Permission denied in replay cache code

2011-06-15 Thread g17jimmy
d'oh! it was SELinux. I had disabled it temporarily, but didn't set it as disabled in /etc/selinux/config so it was blocking the authentication. Phil Mayers wrote: On 06/14/2011 09:44 PM, Jimmy wrote: I have Kerberos 1.6 configured to use OpenLDAP 2.3.43 as a back end. I am trying to

Re: Auth: rlm_krb5: [test1@CSP-BACK] krb5_rd_req() failed: Permission denied in replay cache code

2011-06-15 Thread Phil Mayers
On 15/06/11 15:49, g17jimmy wrote: d'oh! it was SELinux. I had disabled it temporarily, but didn't set it as disabled in /etc/selinux/config so it was blocking the authentication. Well, IMHO disabling it altogether is not a good idea. You might want to consider just disabling it for

FreeRadius with AD

2011-06-15 Thread Javier Lidó Fernandez
Hi there, I've installed FreeRADIUS with Active Directory Authentication (ntlm_auth for mschap) and it is working 100% correctly. No probs with that. The only thing is that my users log in using their Windows account (username and password), but I would need to change it to user@DOMAIN and

Re: Auth: rlm_krb5: [test1@CSP-BACK] krb5_rd_req() failed: Permission denied in replay cache code

2011-06-15 Thread John Dennis
On 06/15/2011 10:56 AM, Phil Mayers wrote: On 15/06/11 15:49, g17jimmy wrote: d'oh! it was SELinux. I had disabled it temporarily, but didn't set it as disabled in /etc/selinux/config so it was blocking the authentication. Well, IMHO disabling it altogether is not a good idea. You might want

Re: Attribute evaluation IF the attribute exists

2011-06-15 Thread Tiberiu Breana
Thank you, but where exactly do I specify my authorization policy? In the sites-available/default file, or in radiusd.conf? In what (sub)section? I'm trying a simpler policy for now: if(%{request:SDP-Bandwidth}=2000) { Auth-Type := Accept } else { Auth-Type := Reject } I've tried this

Re: Attribute evaluation IF the attribute exists

2011-06-15 Thread Alan DeKok
Tiberiu Breana wrote: Thank you, but where exactly do I specify my authorization policy? In the sites-available/default file, or in radiusd.conf? In what (sub)section? I'm trying a simpler policy for now: if(%{request:SDP-Bandwidth}=2000) { Auth-Type := Accept } else { Auth-Type

Re: FreeRadius with AD

2011-06-15 Thread Phil Mayers
On 15/06/11 16:21, Javier Lidó Fernandez wrote: Hi there, I've installed FreeRADIUS with Active Directory Authentication (ntlm_auth for mschap) and it is working 100% correctly. No probs with that. The only thing is that my users log in using their Windows account (username and password), but I

Re: If in post-auth

2011-06-15 Thread Alexander Clouter
seb2020 girard@gmail.com wrote: I have a problem in my post-auth configuration. I have written this with the help of my other topic in this forum: update reply { Tunnel-Type := VLAN Tunnel-Medium-Type := IEEE-802 Tunnel-Private-Group-Id := unauthorised Termination-Action :=

Multivalued (LDAP) Attributes and string matching, or regexes

2011-06-15 Thread Jason Antman
Greetings, I have to control authorization based on a (possibly) multi-valued LDAP reply attribute called employeeType. I have all of the LDAP code working fine, but seem to have hit a snag. Each user has 1 to ??? (usually a max of 5 or so) employeeType values. The pertinent ones include

Two-phase, pass-thru authentication possible?

2011-06-15 Thread cwfnetman
I've got an interesting problem to try to solve and was curious if such a concept is even possible with FreeRadius. I've got to implement mac address filtering to a Cisco WiFi (WLC plus numerous LWAPPs) system that also requires Active Directory authentication of the Windows credentials of the

Re: Multivalued (LDAP) Attributes and string matching, or regexes

2011-06-15 Thread Peter Lambrechtsen
I find the easiest way to do it is to use a custom users file to allow / prevent access based on exact matches of LDAP attributes. Then you can say if STAFF = Accept, if STAFF OFFSITE Accept, otherwise reject. This is how we do it here: