Hi Hugh, If you look at godies/external.cfg, you will see he needs something like this:
Command c:/perl/bin/perl ./goodies/testcommand.pl DOS does not know how to interpret #!/usr/bin/perl so it cant run C:\Perl\bin\testcommand.pl without some cluues. Cheers. On Thu, 2 Oct 2003 12:23 pm, Hugh Irvine wrote: > Hello Man Meng Fei - > > I suspect that Radiator is not able to run the external command. > > What happens when you run the following in a MS-DOS window: > > C:\Perl\bin\testcommand.pl > > There is probably something wrong with either the path or the contents > of the file. > > regards > > Hugh > > > On Thursday, Oct 2, 2003, at 03:56 Australia/Melbourne, Man Meng Fei > > wrote: > > Hi > > Currently i am using a sample configuration (external.cfg) and perl > > script (testcommand.pl) which can be retrieved from goodies directory > > to > > understand the implementation of <AuthBy EXTERNAL>. > > But after i executed it, i can't get the expected test result. I got No > > Reply at Radius client. I hope someone can help me to make this <AuthBy > > EXTERNAL> sample working. > > > > Lastly i attached Radius Configration file which i used for the testing > > and Radius Server and Radius Client's output result > > > > Man Meng Fei > > > > > > > > ----------radius.cfg----------- > > # external.cfg > > # > > # Example Radiator configuration file. > > # This very simple file will allow you to get started with > > # EXTERNAL authentication. > > # > > # There is an example external program called testcommand.pl > > # in the goodies directory, whichthe example below uses. It > > # will accept the request if the username is "fred" otherwise reject > > # it. > > # > > # So if you run Radiator with this config file, then do > > # radpwtst -noacct -trace -user fred > > # you will see something like: > > # sending Access-Request... > > # OK > > # Code: Access-Accept > > # Identifier: 109 > > # Authentic: <12>_B<215><2>=<149><140>kBM<130><221><10>.S > > # Attributes: > > # Reply-Message = "you are fred" > > # > > # > > # And if you do: > > # radpwtst -noacct -trace -user someoneelse > > # you will see something like: > > # sending Access-Request... > > # Rejected > > # Code: Access-Reject > > # Identifier: 70 > > # Authentic: <165><206>RiJ<208><139><245><129>@<170><136><23>s<24><23> > > # Attributes: > > # Reply-Message = "you are NOT fred, you are 'someoneelse'" > > # Reply-Message = "Request Denied" > > > > > > # > > # You should consider this file to be a starting point only > > # $Id: external.cfg,v 1.3 2003/09/22 23:30:56 mikem Exp $ > > > > Foreground > > LogStdout > > LogDir c:/Program Files/Radiator > > DbDir c:/Program Files/Radiator > > > > Trace 4 > > > > # You will probably want to change this to suit your site. > > <Client DEFAULT> > > Secret mysecret > > DupInterval 0 > > </Client> > > > > <Realm DEFAULT> > > <AuthBy EXTERNAL> > > # For NT, you might want something like this > > Command C:\Perl\bin\testcommand.pl > > > > # For Unix, maybe something like this > > # #Command ./goodies/testcommand.pl > > > > # This will cause the User-Password > > # to be decrypted before being passed to the > > # external program > > DecryptPassword > > > > # You might prefer use this to tell AuthBy EXTERNAL > > # to get the result from the first line of the > > # output. The permitted values are ACCEPT, REJECT > > # IGNORE CHALLENGE or REJECT_IMMEDIATE. ON Win98 > > # its the only way to get it to work. > > # We recommend you use this method > > ResultInOutput > > </AuthBy> > > </Realm> > > > > > > > > > > > > -------Radius Server Output-------------------------- > > > > Microsoft Windows 2000 [Version 5.00.2195] > > (C) Copyright 1985-2000 Microsoft Corp. > > > > C:\Documents and Settings\man\Desktop>PERL c:\perl\bin\radiusd > > Thu Oct 2 01:16:58 2003: DEBUG: Finished reading configuration file > > 'C:\Program > > Files\Radiator\radius.cfg' > > This Radiator license will expire on 2004-02-01 > > This Radiator license will stop operating after 1000 requests > > To purchase an unlimited full source version of Radiator, see > > http://www.open.com.au/ordering.html > > To extend your evaluation period, contact [EMAIL PROTECTED] > > > > Thu Oct 2 01:16:58 2003: DEBUG: Reading dictionary file 'c:/Program > > Files/Radia > > tor/dictionary' > > Thu Oct 2 01:16:58 2003: DEBUG: Creating authentication port > > 0.0.0.0:1645 > > Thu Oct 2 01:16:58 2003: DEBUG: Creating accounting port 0.0.0.0:1646 > > Thu Oct 2 01:16:58 2003: NOTICE: Server started: Radiator 3.7 on man > > (EVALUATIO > > N) > > Thu Oct 2 01:18:52 2003: DEBUG: Packet dump: > > *** Received from 127.0.0.1 port 3006 .... > > Code: Access-Request > > Identifier: 67 > > Authentic: 1234567890123456 > > Attributes: > > User-Name = "mikem" > > Service-Type = Framed-User > > NAS-IP-Address = 203.63.154.1 > > NAS-Port = 1234 > > Called-Station-Id = "123456789" > > Calling-Station-Id = "987654321" > > NAS-Port-Type = Async > > User-Password = > > "<159><249>:<201><175>\<4><246><188>8<9><160><216>}x<153>" > > > > Thu Oct 2 01:18:52 2003: DEBUG: Handling request with Handler > > 'Realm=DEFAULT' > > Thu Oct 2 01:18:52 2003: DEBUG: Deleting session for mikem, > > 203.63.154.1, 1234 > > Thu Oct 2 01:18:52 2003: DEBUG: Running command: > > C:\Perl\bin\testcommand.pl > > Thu Oct 2 01:25:09 2003: ERR: ResultInOutput is enabled, but the first > > line of from the E > > XTRNAL command is an unknown result code > > Thu Oct 2 01:25:09 2003: DEBUG: Packet dump: > > *** Received from 127.0.0.1 port 3006 .... > > Code: Accounting-Request > > Identifier: 68 > > Authentic: <30>Z<190><154>(<20><153><30><10>c<24><237><243><176>V<236> > > Attributes: > > User-Name = "mikem" > > Service-Type = Framed-User > > NAS-IP-Address = 203.63.154.1 > > NAS-Port = 1234 > > NAS-Port-Type = Async > > Acct-Session-Id = "00001234" > > Acct-Status-Type = Start > > Called-Station-Id = "123456789" > > Calling-Station-Id = "987654321" > > Acct-Delay-Time = 0 > > > > Thu Oct 2 01:25:09 2003: DEBUG: Handling request with Handler > > 'Realm=DEFAULT' > > Thu Oct 2 01:25:09 2003: DEBUG: Adding session for mikem, > > 203.63.154.1, 1234 > > Thu Oct 2 01:25:09 2003: DEBUG: Running command: > > C:\Perl\bin\testcommand.pl > > > > > > -------Radius Client Output-------------------------- > > Microsoft Windows 2000 [Version 5.00.2195] > > (C) Copyright 1985-2000 Microsoft Corp. > > > > C:\Documents and Settings\man\Desktop>perl c:\perl\bin\radpwtst -user > > mikem -password fred > > > > sending Access-Request... > > No reply > > sending Accounting-Request Start... > > No reply > > sending Accounting-Request Stop... > > No reply > > > > C:\Documents and Settings\man\Desktop> > > > > === > > Archive at http://www.open.com.au/archives/radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. > > NB: have you included a copy of your configuration file (no secrets), > together with a trace 4 debug showing what is happening? -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.