---------- Forwarded Message ---------- Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from ["Robert Blayzor" <[EMAIL PROTECTED]>] Date: Fri, 1 Feb 2002 21:59:11 -0600 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] >From [EMAIL PROTECTED] Fri Feb 1 21:59:11 2002 Received: from mx0.inoc.net (mx0.inoc.net [64.246.130.30]) by server1.open.com.au (8.11.0/8.11.0) with ESMTP id g123xB316745; Fri, 1 Feb 2002 21:59:11 -0600 Received: from nimbus (cm-24-161-15-249.nycap.rr.com [24.161.15.249]) by mx0.inoc.net (Vircom SMTPRS 5.1.202) with ESMTP id <[EMAIL PROTECTED]>; Sat, 2 Feb 2002 00:33:59 -0500 Reply-To: <[EMAIL PROTECTED]> From: "Robert Blayzor" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Subject: AuthBy SQL and AuthLog Date: Sat, 2 Feb 2002 00:33:19 -0500 Organization: INOC, LLC Message-ID: <000201c1abab$36445610$[EMAIL PROTECTED]> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal See sample entries in my config file below. We do backend RADIUS auth for several realms in our databases. The problem is the customer does not always log in fully realmed. SO we pass our SQL extra information so the database stored proceedure can figure out the realm. The problem is that Radiator doesn't always know what the realm is... And therefore, does not have a decorated username attribute. The problem with this is the AuthLog file. While this works good, if user "joe" has been attempting the wrong password, we may not really know which ISP "joe" is from. So we fully decorate the names on the backend if they are not (or even if they are) and send them back as "user@realm" in the RADIUS "Class" attribute. This works extremely well except for the fact that when I try to AuthLog store what I return back to Radiator from my AuthBy, the field comes up blank, even though I know I'm returning something. It's like if the access request fails, that those attributes don't get populated, therefore they show as NULL or empty in my AuthLog. Is there a way I can return a column back from the SQL server and have AuthLog show that value? Regardless of success or failure. # # Setup a default AuthLog # <AuthLog FILE> Identifier Auth-Log-General Filename %L/password.log LogSuccess 0 LogFailure 1 FailureFormat %m/%d/%Y %H:%M:%S Failed login: %{Class} PW: %P %{Calling-Station-Id} </AuthLog> <AuthBy SQL> Identifier Auth-NAS DBSource dbi:Sybase:server=mysql DBUsername xxx DBAuth xxx AuthSelect EXEC sp_RadiusLookup '%n', '%{Called-Station-Id}', '%N' AuthColumnDef 0, Class, reply AuthColumnDef 1, User-Password, check AuthColumnDef 2, GENERIC, check AuthColumnDef 3, GENERIC, reply </AuthBy> -- Robert Blayzor, BOFH INOC, LLC [EMAIL PROTECTED] Calculating in binary code is as easy as 01,10,11. ------------------------------------------------------- -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.