Le petit bonjour quotidien ;-)
> Salut Gildas -
>
> On Fri, 11 Feb 2000, Gildas PERROT wrote:
> > Salut Hugh,
> >
> > > > - is it possible to define default check and reply items like :
> > > >
> > > > Auth-Type = System
> > > > User-Service-Type = Framed-User,
> > > > Framed-Protocol = PPP,
> > > > Framed-Netmask = 255.255.255.0,
> > > > Framed-Routing = None,
> > > > Framed-MTU = 1500,
> > > > Ascend-Idle-Limit = 600
> > > >
> > > > for each user instead of defining them in users file ?
> > >
> > > Sure - you can use AddToReply or AddToReplyIfNotExist in your AuthBy, or you
> > > can use cascaded AuthBy's. Tell me a bit more about what you want to do and
> > > I'll give you an example configuration file.
> > >
> > > > In this case, do other entries in users file take precedence on default one ?
> > >
> > > If you specify AddToReplyIfNotExist, the users file will take precedence.
> >
> > What I would like is to define the minimum things in users database and define
> > default check and reply items which can be overwritten by users entries.
> > I would like to defined the default check items :
> >
> > Auth-Type = System
> > User-Service-Type = Framed-User
> >
> > and the default reply items :
> >
> > Framed-Protocol = PPP,
> > Framed-Address = 193.149.106.4,
> > Framed-Netmask = 255.255.255.255,
> > Framed-Routing = None,
> > Framed-MTU = 1500,
> > Ascend-Idle-Limit = 600
> >
> > I suppose that the only entry for certain users will be its login then ?
> >
> > > Using the defintion in the standard Radiator dictionary is this:
> > >
> > > p50fr Password = "fdsfdsfsdf"
> > > Service-Type = Framed-User,
> > > Framed-Protocol = PPP,
> > > Framed-Address = 193.149.103.161,
> > > Framed-Netmask = 255.255.255.240,
> > > Ascend-Idle-Limit = 300
> > >
> > > You can either edit your users file to use the standard Radiator dictionary, or
> > > add User-Service-Type to the Radiator dictionary (its just a text file). Also
> > > notice that there is an error with a trailing comma "," after the
> > > Password = "fdsfdsfsdf".
> >
> > Effectively, a comma after Password = "jjk" is an error but I don't understand
> > since Service-Type is check item and in the Figure 6 (Typical user entry in a
> > flat user database of 15.2), it is said : no comma at end of check item => I
> > would put a comma after Password not after Service Type.
> >
>
> I see - I didn't realise you were using Service-Type as a check item - it is OK
> to do this of course but I usually see it used as a reply item.
In fact, I am not using Service-Type as a check item ! It's the example in the
Figure 6 (Typical user entry in a flat user database of 15.2) which is talking
about and making me confused. Is it a mistake ?
>
> Here is what you want to do:
>
> # define an AuthBy FILE with a file containing only usernames and passwords
>
> <AuthBy FILE>
> Identifier CheckUserPassword
> Filename %D/user.password
> </AuthBy>
>
> # define an AuthBy FILE with a file containing only defaults
>
> <AuthBy FILE>
> Identifier CheckUserDefault
> Filename %D/user.default
> AddToReplyIfNotExist Service-Type = Framed-User, \
> Framed-Protocol = PPP, \
> Framed-IP-Address = 193.149.106.4, \
> Framed-IP-Netmask = 255.255.255.255, \
> Framed-Routing = None, \
> Framed-MTU = 1500, \
> Ascend-Idle-Limit = 600
> </AuthBy>
>
> # now define your normal Realms or Handlers
>
> <Realm ....>
> AuthBy CheckUserDefault
> </Realm>
>
> ....
>
>
> Then the files %D/user.default and %D/user.password would contain the following:
>
> # file %D/user.default
>
> DEFAULT Service-Type = Framed-User, Auth-Type = CheckUserPassword
>
>
> # file %D/user.password
>
> p50fr Password = "fdsfdsfsdf"
>
> ....
>
>
> How this works is as follows - the selected Realm will call the AuthBy with
> "Identifer CheckUserDefault" which will check the Service-Type, then call the
> AuthBy with "Identifer CheckUserPasswod"
>
> after checking the username and password (and adding any user-specific reply
> attributes), CheckUserPassword returns to CheckUserDefault which adds the
> default reply attributes only if they haven't already been added
>
> You should note that AddToReplyIfNotExist is in a patch to Radiator 2.14.1:
>
> http://www.open.com.au/radiator/downloads/patches-2.14.1/
>
> 6/9/99 Rolled the AddToReplyIfNotExist.patch into the base code. This code
> was contributed by Vincent Gillet <[EMAIL PROTECTED]>, and implemnets
> the AddToReplyIfNotExist parameter, which will append an attribute
> to a reply if and only if it the attribute is not already present.
> AlsoaAdded new check item Request-Type. This is mostly useful
> in Handlers, to allow you to trigger on different types of
> requests.
> Download AuthGeneric.pm and AttrVal.pm from here.
What a complex way ;-) ! I just want to have as a default reply (if no other
value of those check items in users file) : Service-Type =
Framed-User,Framed-Protocol = PPP,Framed-Netmask =
255.255.255.0,Framed-Routing = None,Framed-MTU = 1500,Ascend-Idle-Limit = 600.
Is DefaultReply not sufficient to do that ?
And what about having default check item "Auth-Type = System" (if not another
value defined in users file) for users defined in users file and only them.
Thanks in advance for your help.
>
> compris? sinon pose des questions...
>
> salut
>
> Hugues
>
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
> NT, Rhapsody
>
--
Gildas PERROT, [EMAIL PROTECTED] __o
FranceNet, 28 rue Desaix, 75015 Paris ---_ \<,_
http://www.francenet.fr ---- (_)/ (_)
ÿ
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
