PM3 Authentication.
We setup radius this evening on a new server and can authenticate from a total control 1000 and and cisco 5300 however, CANNOT authenticate from our pm3 which was authenticating from an older version of Freeradius... ANY HELP??? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Connecting to Oracle
On Wed, 9 Oct 2002 19:24:27 +0200 "Mieczyslaw Maciejewski (EPO)" <[EMAIL PROTECTED]> wrote: >Hi > >I have FreeRadius 0.71 on Solaris 8. >My database is Oracle 8.1.7 >After starting ./radiusd -X, I receive the following >message: > >rlm_sql: Driver rlm_sql_oracle loaded and linked >rlm_sql: Attempting to connect to [EMAIL PROTECTED]:1521/pmt >rlm_sql: starting 0 >rlm_sql: Attempting to connect #0 >Init: Oracle logon failed: 'Error while trying to >retrieve text for error ORA-12154 ' >rlm_sql: Failed to connect DB handle #0 >rlm_sql: starting 1 >rlm_sql: starting 2 >rlm_sql: starting 3 >rlm_sql: starting 4 > >The database (pmt) is running, the listener also. Oracle >client is installed. >I try to connect as user pmt locally. >Could someone help > >Thanks >Robert > > >- >List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html You have the connect string wrong (atleast per normal Oracle syntax) it should be: username/password@database If I read your message correctly you named the database "pmt", created a user "pmt" with a password of "pmt"? (I think that will work, but it will be confusing!) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: sql.conf and oracle
This message indicates two different problems. First one of your oracle message files (.msb) is missing. SOmetimes the oracle installer just doesn't know what all to install. Second the 12154 is "TNS:could not resolve service name". I haven't been able to cut and paste the text for you, but you can get (and you need) the Oracle Error Message book which you can download for free at OTN.ORACLE.COM. Assuming that TNS is set up correctly and you can use SQLPLUS OK (you did try that first to verify the installation, right?), then I suspect that you need to add the service name to the connect string so that the entire connect string is something like 'scott/tiger@prodb' or however you have defined it in TNS. While most Oracle apps can use TNS to determine the default db to connect to, I have noticed that precompiled/oci apps (which free radius is) don't necessarily do this. I am guessing that you have multiple configurations in TNS - which you will have if you did not delete the example ones that are installed when you install the client. Tim On Thu, 10 Oct 2002 08:13:49 -0700 (PDT) "Adam Joncas" <[EMAIL PROTECTED]> wrote: >Hello, >I am having trouble getting freeRadius to connect to >oracle. In sql.conf >the 'server' is the host name that the oracle database >is running on, the >'login' and 'password' are to log onto the host. Is >'radius_db' the >radius database name or the global database name? Is >this correct? Does >FreeRadius then use the host login name to connect to the >database? > >The error that I am getting is that logon to the oracle >database fails >with: 'Error while trying to retrieve text for error >ORA-12154 ', but I >can connect using sqlplus and I can see that the TNS >listener is running >correctly for my database. I have run the netmgr oracle >program to setup >oracle to use radius. Any help would be appreciated. > >Adam Joncas > > > > >- >List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cache /etc/passwd, /etc/shadow, and /etc/group
Kevin, Thanks this works well. Thanks again, Ken Rea On Thu, 10 Oct 2002, Kevin Bonner wrote: > In the unix section of radiusd.conf, try the following: > > cache = yes > password = /path/to/passwd > shadow = /path/to/passwd > > If your passwd file contains encrypted passwords (i.e. no shadow file), then > using the above should allow you to cache the data. We are currently using > this method to allow different realms to have their own passwd files, and > just assigning different Auth-Type's depending on the realm. We'll be moving > to SQL auth shortly, but for the time being, this is working quite well for > us. > > Kevin > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cache /etc/passwd, /etc/shadow, and /etc/group
On Thursday 10 October 2002 13:27, User for Free Radius mail list wrote: > On Thu, 10 Oct 2002, 3APA3A wrote: > > passwd file doesn't contain any passwords or hashes, so it's useless > > without shadow. > > If you do not use shadow passwords it does keep encrypted passwords in the > passwd file. Check your man pages "man 5 passwd" and you will see the > second field "Optional encrypted password". This is the way it was long > before shadow passwords came about. The reason we do not use shadow > passwords on this server is beyond the scope of this email. > > It would be nice to be able to cache this data for quick lookup. > > Thanks, > > Ken Rea In the unix section of radiusd.conf, try the following: cache = yes password = /path/to/passwd shadow = /path/to/passwd If your passwd file contains encrypted passwords (i.e. no shadow file), then using the above should allow you to cache the data. We are currently using this method to allow different realms to have their own passwd files, and just assigning different Auth-Type's depending on the realm. We'll be moving to SQL auth shortly, but for the time being, this is working quite well for us. Kevin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cache /etc/passwd, /etc/shadow, and /etc/group
On Thu, 10 Oct 2002, 3APA3A wrote: > > passwd file doesn't contain any passwords or hashes, so it's useless > without shadow. If you do not use shadow passwords it does keep encrypted passwords in the passwd file. Check your man pages "man 5 passwd" and you will see the second field "Optional encrypted password". This is the way it was long before shadow passwords came about. The reason we do not use shadow passwords on this server is beyond the scope of this email. It would be nice to be able to cache this data for quick lookup. Thanks, Ken Rea - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Update on O'Reilly RADIUS Book
apologies to the list... I meant that to go straight to Jon. --On Thursday, October 10, 2002 11:37 AM -0400 Daniel Monjar <[EMAIL PROTECTED]> wrote: > I ordered the book through amazon but they say it is not yet avaiable > > I'm looking forward to getting my hands on a copy. when is your talk to > TriLUG? > -- Daniel Monjar IS Manager, Technical Services bioMérieux, Inc. Durham, NC US - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MySql authentication fails
"Valakos Yorgos" <[EMAIL PROTECTED]> wrote: > I have a SuSe Linux 8.0 on Intel system and and 0.7.1 freeradius and > latest version of MySql . When I try to authenticate a user against my > passwd and shadow file it works but it doesn't when I try the same with > users inserted in radius database (radcheck , etc) and auth type = sql Don't use Auth-Type := SQL, there's no such thing. See the mailing list archives for lots more information. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MySql authentication fails
Dear friends I am totally newbie -yet fascinated - in both the linux and Freeradius stuff so I beg you to bare with me . I have a SuSe Linux 8.0 on Intel system and and 0.7.1 freeradius and latest version of MySql . When I try to authenticate a user against my passwd and shadow file it works but it doesn't when I try the same with users inserted in radius database (radcheck , etc) and auth type = sql .Below is the output of the debugging .Any help ? _ Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc/raddb/clients.conf Config: including file: /usr/local/etc/raddb/snmp.conf Config: including file: /usr/local/etc/raddb/sql.conf main: prefix = "/usr/local" main: localstatedir = "/usr/local/var" main: logdir = "/usr/local/var/log/radius" main: libdir = "/usr/local/lib" main: radacctdir = "/usr/local/var/log/radius/radacct" main: hostname_lookups = no read_config_files: reading dictionary read_config_files: reading clients read_config_files: reading realms read_config_files: reading naslist main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_auth = no main: log_auth_badpass = yes main: log_auth_goodpass = no main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid" main: user = "(null)" main: group = "(null)" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: proxy_requests = no security: max_attributes = 200 security: reject_delay = 1 main: debug_level = 0 read_config_files: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded System unix: cache = yes unix: passwd = "/etc/passwd" unix: shadow = "/etc/shadow" unix: group = "/etc/group" unix: radwtmp = "/usr/local/var/log/radius/radwtmp" unix: usegroup = no Module: Instantiated unix (unix) Module: Loaded MS-CHAP mschap: ignore_password = no mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: passwd = "(null)" mschap: authtype = "MS-CHAP" Module: Instantiated mschap (mschap) Module: Loaded PAP pap: encryption_scheme = "clear" Module: Instantiated pap (pap) Module: Loaded preprocess preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups" preprocess: hints = "/usr/local/etc/raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded realm realm: format = "suffix" realm: delimiter = "@" Module: Instantiated realm (suffix) Module: Loaded files files: usersfile = "/usr/local/etc/raddb/users" files: acctusersfile = "/usr/local/etc/raddb/acct_users" files: compat = "no" Module: Instantiated files (files) Module: Loaded detail detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail" detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (detail) Module: Loaded SQL sql: driver = "rlm_sql_mysql" sql: server = "localhost" sql: port = "" sql: login = "root" sql: password = "myrootpasswd" sql: radius_db = "radius" sql: acct_table = "radacct" sql: acct_table2 = "radacct" sql: authcheck_table = "radcheck" sql: authreply_table = "radreply" sql: groupcheck_table = "radgroupcheck" sql: groupreply_table = "radgroupreply" sql: usergroup_table = "usergroup" sql: nas_table = "nas" sql: dict_table = "dictionary" sql: sqltrace = yes sql: sqltracefile = "/usr/local/var/log/radius/sqltrace.sql" sql: deletestalesessions = yes sql: num_sql_socks = 5 sql: sql_user_name = "%{User-Name}" sql: authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id" sql: authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id" sql: authorize_group_check_query = "SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgrou pcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id" sql: authorize_group_reply_query = "SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrou preply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id" sql: authenticate_query = "SELECT Value,Attribute FROM radcheck WHERE UserName = '%{
Re: Update on O'Reilly RADIUS Book
I ordered the book through amazon but they say it is not yet avaiable I'm looking forward to getting my hands on a copy. when is your talk to TriLUG? --On Thursday, October 03, 2002 8:22 PM -0400 Jonathan Hassell <[EMAIL PROTECTED]> wrote: > Hello, all > > Several of you have recently asked me about the status of the O'Reilly > book on RADIUS that I wrote, and I thought I might send a short update to > the list to let you know what's going on. > > 1. I have created a support site for the book at > http://www.theradiusbook.com. There's most everything about the book on > the site: a description of the book, a description of me, the table of > contents, and a sample chapter (see point 2 below). I also have a > mailing list created so readers can discuss the book, offer feedback and > criticism, and make suggestions for the next revision. I'll be > monitoring that mailing list closely. There are also on the site links > to buy the book from every major online distributor, and a link to Amazon > which, if you purchase the book through it, will contribute some money to > the FreeRADIUS development effort. > > 2. There are now sample chapters posted on the web. The O'Reilly site > (http://www.oreilly.com/catalog/RADIUS) has the complete text of Chapter > 5, "Getting Started with FreeRADIUS," and a portion of Chapter 9, "New > FreeRADIUS Developments." My site has Chapter 5 posted in a web version > and a printer-friendly version. You're welcome to check out each of them. > > 3. My editor wrote me just a few minutes ago and told me he was holding > a copy of the actual published book in his hand. Apparently I'm not > important enough to receive a copy straight from the press, much to my > chagrin, so I've gone ahead and purchased a copy myself. So the book > exists, and it should be arriving to all of the major online retailers > and some brick-and-mortar stores within the next couple of days. Thanks > to all of you who have pre-ordered the book. You should receive your > copies very soon. > > You're welcome to ask me any questions about the book you like - I can be > reached at jon at jonathanhassell dot com. > > Best wishes to you all. > > --- > Jonathan Hassell > [EMAIL PROTECTED] > http://www.theradiusbook.com > > > - List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html -- Daniel Monjar IS Manager, Technical Services bioMérieux, Inc. Durham, NC US - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Using Vendor-Specific attributes
Jukka Lehti <[EMAIL PROTECTED]> wrote: > I must be probably too stupid or complete blind sice I > just can't find any info how to use Vendor-Specific > attributes with radclient and radiusd. I have this > simple test dictionary: > > VENDOR Testing 1234 > ATTRIBUTE Foo 1 integer Testing > ATTRIBUTE Bar 2 integer Testing > > How I shall send those with radclient? Use them like any other attribute? > echo > "User-Name=un,User-Password=pw,Vendor-Specific=1234 | Uh, why would you use Vendor-Specific when you wanted attribute 'Foo' or 'Bar'? > And I couldn't add > Vendor-Specific attributes to server reply either. Is > there any examples available, since this didn't work: > > un Auth-Type := Local, User-Password == "pw" > Reply-Message = "Hello, World!", > Vendor-Specific = "Testing,Foo=123" Of course not. You just use the attributes "Foo" or "Bar", like anything else. But you DO have to tell the main dictionary file about the new dictionary you added... did you try 'man 5 dictionary' ?? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cache /etc/passwd, /etc/shadow, and /etc/group
User for Free Radius mail list <[EMAIL PROTECTED]> wrote: > In the radiusd.conf file: > The "Cache" setup does not work if you do not use shadow passwords. If the > "shadow" line is left at the default value: (ie commented out) Yes... your system has shadow passwords, so if you want to cache them, you've go to read the shadow password file. Where, exactly, did you expect the cached passwords to be read from? Not all systems have fgetpwent()... > If you say "no" to the "cache" option: .. > It loads up just fine. Of course. Because it doesn't cache the passwords, it can use getpwent() to get the password, which is a system call which knows where the password files are located. > Is there something I'm missing or is the the default behavior of this > setup? Some knowledge of how Unix systems are set up should help. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Using Vendor-Specific attributes
In our case, we have a dictionary with the following entry: VENDOR FOO 1234 ATTRIBUTE FOO-Priv1 octets FOO and the users are set up as: foouser1 Auth-Type := Local, User-Password == "foouser1" Service-Type == Login-User, FOO-Priv = 0x8007 Obviously using Auth-Type local isn't secure but this is just an example. We use this to test our routers ability to use Radius for keeping users and permissions vis a vis the router. The octet 0x8007 would allow foouser1 to do specific tasks on the router, etc. Hope this helps a bit? Max On Thursday, October 10, 2002, at 01:10 AM, Jukka Lehti wrote: > Hi all, > > I must be probably too stupid or complete blind sice I > just can't find any info how to use Vendor-Specific > attributes with radclient and radiusd. I have this > simple test dictionary: > > VENDOR Testing 1234 > ATTRIBUTE Foo 1 integer Testing > ATTRIBUTE Bar 2 integer Testing > > How I shall send those with radclient? > > echo > "User-Name=un,User-Password=pw,Vendor-Specific=1234 | > radclient 10.0.0.1 auth secret > > doesn't work at all. And I couldn't add > Vendor-Specific attributes to server reply either. Is > there any examples available, since this didn't work: > > un Auth-Type := Local, User-Password == "pw" > Reply-Message = "Hello, World!", > Vendor-Specific = "Testing,Foo=123" > > > Thanks. > > __ > Do you Yahoo!? > Faith Hill - Exclusive Performances, Videos & More > http://faith.yahoo.com > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
sql.conf and oracle
Hello, I am having trouble getting freeRadius to connect to oracle. In sql.conf the 'server' is the host name that the oracle database is running on, the 'login' and 'password' are to log onto the host. Is 'radius_db' the radius database name or the global database name? Is this correct? Does FreeRadius then use the host login name to connect to the database? The error that I am getting is that logon to the oracle database fails with: 'Error while trying to retrieve text for error ORA-12154 ', but I can connect using sqlplus and I can see that the TNS listener is running correctly for my database. I have run the netmgr oracle program to setup oracle to use radius. Any help would be appreciated. Adam Joncas - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ippool problem on 0.7.1.Don't deallocate ip addresses
Hi all, I' m having problem with the Ippool module ( rlm_ippool ). When authorizing, the module is able to allocate the correct IP address, but on the account "Stop" does not set the ip free. relevant part of radiusd.conf ... ... modules { ... ... ippool Prova0 { range-start = 10.128.1.0 range-stop = 10.128.1.3 netmask = 255.255.255.252 cache-size = 800 session-db = ${raddbdir}/db.ippool.0 ip-index = ${raddbdir}/db.ipindex.0 } ... } authorize { ... Prova0 ... } accounting { ... Prova0 ... } users file: ... steve Auth-Type := Local, User-Password == "testing", Pool-Name := "Prova1" ... log, from radiusd -X > log says: ... Module: Instantiated ippool (Prova0) ippool: session-db = "/usr/local/freeradius/etc/raddb/db.ippool.1" ippool: ip-index = "/usr/local/freeradius/etc/raddb/db.ipindex.1" ippool: range-start = 10.128.10.0 IP address [10.128.10.0] ippool: range-stop = 10.128.10.3 IP address [10.128.10.3] ippool: netmask = 255.255.255.252 IP address [255.255.255.252] ippool: cache-size = 800 ... ... modcall[authorize]: module "files" returns ok rad_recv: Access-Request packet from host 10.128.255.4:1024, id=78, length=92 User-Name = "steve" User-Password = "\r\021\353N\315\021 s\023.8]O\002F\010" NAS-Port = 1020 Service-Type = Framed-User Framed-Protocol = PPP Tunnel-Client-Endpoint:0 = "212.239.118.116" NAS-IP-Address = 10.128.255.4 NAS-Port-Type = Virtual modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_realm: Looking up realm NULL for User-Name = "steve" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched steve at 99 modcall[authorize]: module "files" returns ok rlm_ippool: Entering in function authorize rlm_ippool: Searching for an entry for nas/port: 10.128.255.4/1020 rlm_ippool: num: 1 rlm_ippool: Allocated ip 10.128.10.2 to client on nas 10.128.255.4,port 1020 modcall[authorize]: module "Prova0" returns ok ... ... rad_recv: Accounting-Request packet from host 10.128.255.4:1038, id=24, length=155 User-Name = "steve" NAS-Port = 1020 Service-Type = Framed-User Framed-Protocol = PPP Framed-IP-Address = 10.128.10.2 Class = 0x47727570706f526164 Acct-Status-Type = Stop Acct-Input-Octets = 312 Acct-Output-Octets = 0 Acct-Session-Id = "0C400010" Acct-Session-Time = 8 Acct-Input-Packets = 3 Acct-Output-Packets = 0 Acct-Terminate-Cause = User-Request Tunnel-Client-Endpoint:0 = "212.239.118.116" Acct-Authentic = RADIUS Acct-Delay-Time = 0 NAS-IP-Address = 10.128.255.4 NAS-Port-Type = Virtual modcall: entering group preacct modcall[preacct]: module "preprocess" returns noop rlm_realm: Looking up realm NULL for User-Name = "steve" rlm_realm: No such realm NULL modcall[preacct]: module "suffix" returns noop modcall[preacct]: module "files" returns noop modcall: group preacct returns noop modcall: entering group accounting radius_xlat: '/usr/local/freeradius/var/log/radius/radacct/10.128.255.4/detail' rlm_detail: /usr/local/freeradius/var/log/radius/radacct/%{Client-IP-Address}/detail expands to /usr/local/freeradius/var/log/radius/radacct/1 0.128.255.4/detail modcall[accounting]: module "detail" returns ok modcall[accounting]: module "counter" returns ok radius_xlat: 'steve' modcall[accounting]: module "radutmp" returns ok modcall[accounting]: module "Prova0" returns ok modcall: group accounting returns ok Sending Accounting-Response of id 24 to 10.128.255.4:1038 Finished request 12 Going to the next request This problem is driving me crazy. Have you any idea ? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Free Domain name registration Site.Limited Chance No banner Advertisement(±¤°í)
Title: Free Domain name Registration Hello~ http://name.co.sr (¹«·áµµ¸ÞÀεî·Ï)Free Domain name Registration Site. Limited ChanceEx) http://home4.searchengineforyou.com/~dvd --> dvd.co.sr 1. Free Domain name registration2. No banner Advertisement.3. Free Forwarding Service.4. Dynamic IP server(ADSLetc) Free Register now !!!http://name.co.sr ¹«·á µµ¸ÞÀÎ µî·Ï Free Domain name registration Site.Limited Chance No banner Advertisement º» ¸ÞÀÏÀº Á¤º¸Åë½ÅºÎ ±Ç°í »çÇ׿¡ ÀÇ°Å Á¦¸ñ¿¡ [±¤°í]¶ó Ç¥½ÃµÈ ±¤°í ¸ÞÀÏÀÔ´Ï´Ù.¼ö½Å°ÅºÎ ¹öÆ°À» Ŭ¸¯ÇÏ½Ã¸é ¼ö½Å°ÅºÎ󸮰¡ ÀÌ·ç¾î Áý´Ï´Ù. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
checkrad .. pls post radiusd -x output..
Can someone please post a copy of the output from radiusd -X when a simultaneous login is detected, and freeradius runs the checkrad prog .. I can't get checkrad to work, and just want to know what it should look like when it does !! thx ... Tim Fraser * Relax Internet Internet Service Provider (dial-up & ADSL) / Web Hosting www.relax.com.au * - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: IP pool problem, please help
Can someone please post a copy of the output from radiusd -X when a simultaneous login is detected, and freeradius runs the checkrad prog .. thx ... Tim Fraser * Relax Internet Internet Service Provider (dial-up & ADSL) / Web Hosting www.relax.com.au * - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius+PostgreSQL connection error on FreeBSD
On Monday 07 October 2002 21:42, Aleksandar Zhelyazkov wrote: > There are also some diferences between the sql db schema supplied in > src/modules/rlm_sql/drivers/rlm_sql_postgres/db_postgres.sql > and the sql statemetns for accounting_onoff etc in postgresql.conf Some time ago I've posted here patch for "right" config and schema don't know maybe , it is in CVS.. -- With Best Regards, Sergey Holod SAH1-RIPE - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
IP pool problem, please help
I have installed the freeRADIUS server and I 'm using the rlm_ippool module. Everything works fine until one account-stop packet had been lost. The user was log out but the dialup admin interface shows him as online and active in finger page. I remove the correct record from the radacct table so the user went offline. The problem is that the server had assigned him an ip address and when the user is trying to login again, the following error message appears: "The server did not assign an IP Address, error 738" I know that the ippool module keeps two files (not text files) with information about used IP addresses. I think that the "stacked" user can't login because the server has already assign him an ipaddress. Is there any ways to solve this problem? Please help... Andrew Kelaidis _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Using Vendor-Specific attributes
The only VSA's I've ever seen have been accounting packet reply items. That's just been my experience with them. Would AV-Pairs do what you need? > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of > Jukka Lehti > Sent: Thursday, October 10, 2002 4:10 AM > To: [EMAIL PROTECTED] > Subject: Using Vendor-Specific attributes > > > Hi all, > > I must be probably too stupid or complete blind sice I > just can't find any info how to use Vendor-Specific > attributes with radclient and radiusd. I have this > simple test dictionary: > > VENDOR Testing 1234 > ATTRIBUTE Foo 1 integer Testing > ATTRIBUTE Bar 2 integer Testing > > How I shall send those with radclient? > > echo > "User-Name=un,User-Password=pw,Vendor-Specific=1234 | > radclient 10.0.0.1 auth secret > > doesn't work at all. And I couldn't add > Vendor-Specific attributes to server reply either. Is > there any examples available, since this didn't work: > > un Auth-Type := Local, User-Password == "pw" > Reply-Message = "Hello, World!", > Vendor-Specific = "Testing,Foo=123" > > > Thanks. > > __ > Do you Yahoo!? > Faith Hill - Exclusive Performances, Videos & More > http://faith.yahoo.com > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Connecting to Oracle
from my sql.conf: driver = "rlm_sql_oracle" server = "10.10.10.10" login = "user_name" password = "password" radius_db = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=10.10.10.10)(PORT=1521))(CONNECT_DATA=(SID=your_sid)))" At 19.24 09/10/02, you wrote: >Hi > >I have FreeRadius 0.71 on Solaris 8. >My database is Oracle 8.1.7 >After starting ./radiusd -X, I receive the following message: > >rlm_sql: Driver rlm_sql_oracle loaded and linked >rlm_sql: Attempting to connect to [EMAIL PROTECTED]:1521/pmt >rlm_sql: starting 0 >rlm_sql: Attempting to connect #0 >Init: Oracle logon failed: 'Error while trying to retrieve text for error >ORA-12154 ' >rlm_sql: Failed to connect DB handle #0 >rlm_sql: starting 1 >rlm_sql: starting 2 >rlm_sql: starting 3 >rlm_sql: starting 4 > >The database (pmt) is running, the listener also. Oracle client is installed. >I try to connect as user pmt locally. >Could someone help > >Thanks >Robert > > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --- Always remember you're unique, just like everyone else. --- Ing. Andrea Gabellini Email: [EMAIL PROTECTED] Tel: 0549 886111 (Italy) Tel. +378 0549 886111 (International) Intelcom San Marino S.p.A. Strada degli Angariari, 3 47891 Rovereta Repubblic of San Marino http://www.omniway.sm http://www.intelcom.sm - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Free Domain name registration Site.Limited Chance No banner Advertisement(±¤°í)
Title: Free Domain name Registration Hello~ http://name.co.sr Free Domain name Registration Site. Limited ChanceEx) http://home4.searchengineforyou.com/~dvd --> dvd.co.sr 1. Free Domain name registration2. No banner Advertisement.3. Free Forwarding Service.4. Dynamic IP server(ADSLetc) Free Register now !!!http://name.co.sr ¹«·á µµ¸ÞÀÎ µî·Ï Free Domain name registration Site.Limited Chance No banner Advertisement º» ¸ÞÀÏÀº Á¤º¸Åë½ÅºÎ ±Ç°í »çÇ׿¡ ÀÇ°Å Á¦¸ñ¿¡ [±¤°í]¶ó Ç¥½ÃµÈ ±¤°í ¸ÞÀÏÀÔ´Ï´Ù.¼ö½Å°ÅºÎ ¹öÆ°À» Ŭ¸¯ÇÏ½Ã¸é ¼ö½Å°ÅºÎ󸮰¡ ÀÌ·ç¾î Áý´Ï´Ù. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Using Vendor-Specific attributes
> Dear Jukka Lehti, > > Foo=ValueOfFoo,Bar=ValueOfBar > > Isn't is what dictionary is for? Yes, I think so. But still I get: radclient:Unknown attribute Foo __ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos & More http://faith.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Using Vendor-Specific attributes
Dear Jukka Lehti, Foo=ValueOfFoo,Bar=ValueOfBar Isn't is what dictionary is for? --Thursday, October 10, 2002, 12:10:00 PM, you wrote to [EMAIL PROTECTED]: JL> Hi all, JL> I must be probably too stupid or complete blind sice I JL> just can't find any info how to use Vendor-Specific JL> attributes with radclient and radiusd. I have this JL> simple test dictionary: JL> VENDOR Testing 1234 JL> ATTRIBUTE Foo 1 integer Testing JL> ATTRIBUTE Bar 2 integer Testing JL> How I shall send those with radclient? JL> echo JL> "User-Name=un,User-Password=pw,Vendor-Specific=1234 | JL> radclient 10.0.0.1 auth secret JL> doesn't work at all. And I couldn't add JL> Vendor-Specific attributes to server reply either. Is JL> there any examples available, since this didn't work: JL> un Auth-Type := Local, User-Password == "pw" JL> Reply-Message = "Hello, World!", JL> Vendor-Specific = "Testing,Foo=123" JL> Thanks. JL> __ JL> Do you Yahoo!? JL> Faith Hill - Exclusive Performances, Videos & More JL> http://faith.yahoo.com JL> - JL> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA Æàëî ìíå íå ïîíàäîáèòñÿ (Ñ. Ëåì) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Using Vendor-Specific attributes
Hi all, I must be probably too stupid or complete blind sice I just can't find any info how to use Vendor-Specific attributes with radclient and radiusd. I have this simple test dictionary: VENDOR Testing 1234 ATTRIBUTE Foo 1 integer Testing ATTRIBUTE Bar 2 integer Testing How I shall send those with radclient? echo "User-Name=un,User-Password=pw,Vendor-Specific=1234 | radclient 10.0.0.1 auth secret doesn't work at all. And I couldn't add Vendor-Specific attributes to server reply either. Is there any examples available, since this didn't work: un Auth-Type := Local, User-Password == "pw" Reply-Message = "Hello, World!", Vendor-Specific = "Testing,Foo=123" Thanks. __ Do you Yahoo!? Faith Hill - Exclusive Performances, Videos & More http://faith.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP authentication using Win2000 Professional as the client
hi i've read your email already but i had no clue about the problem that's why i didn't reply so far. the problem you are talking about seems to be related to the windows-programming. where is your problem related to the free-radius server? greetings, artur [EMAIL PROTECTED] wrote: > > Dear Sir: > > Could you please direct this mail to > Mr "Fernandez, Jorge" and > Mr "Artur Hecker"? > > Fernandez, Jorge [EMAIL PROTECTED] > Artur Hecker [EMAIL PROTECTED] > > I am trying to realize the EAP authentication using Win2000 Professional as the >client, > Windows2000 Server as the router, and Linux as the Radius Authenticater. > > Although I tried several ways following the EAP guides in the microsoft SDK, I >failed so far.I registered the EAP.DLL following the EAP guides in the microsoft SDK. > > Especially, rasman does call RasEapGetInfo exported by the EAP.dll but it does not >call the EapBegin function in the EAP.dll. Maybe the function RasEapInitialize should >always be called before any other call, but I could not get what I should do in the >function RasEapInitialize. > > All in all, my EAP.DLL did not work as it was supposed to. So I could not begin my >job. The typical function prototypes are listed below: > > If it is possible, Could you please tell me how to put my EAP protocal DLL into >effect? Thanks a lot! > > Sincerely Yours, > Wu MingChang > 09/10/2002 > > // > DWORD APIENTRY > RasEapGetInfo( >IN DWORD dwEapTypeId, >OUT PPP_EAP_INFO* pInfo > ) > { >EapTrace("RasEapGetInfo"); > >if (dwEapTypeId != PPP_EAP_PROTOCOL_ID) >{ >EapTrace("Type ID %d is not supported", dwEapTypeId); >return(ERROR_NOT_SUPPORTED); >} > >ZeroMemory(pInfo, sizeof(PPP_EAP_INFO)); > >pInfo->dwEapTypeId = PPP_EAP_PROTOCOL_ID; >pInfo->RasEapBegin = EapBegin; >pInfo->RasEapEnd = EapEnd; >pInfo->RasEapMakeMessage = EapMakeMessage; > >return(NO_ERROR); > } > > DWORD APIENTRY > EapBegin( >OUT VOID** ppWorkBuf, >IN VOID* pInfo > ) > { >PPP_EAP_INPUT* pInput = (PPP_EAP_INPUT*)pInfo; >EAPCB* pwb; > >EapTrace("EapBegin(%ws)", pInput->pwszIdentity); >... >... >... >... > >return(NO_ERROR); > } > // > .+-wèþ˱Êâmïî˱Êâmäzm§ÿðÃëyêÚv+¬¢¸?+-þë®Èmml== -- Artur Hecker artur[at]hecker.info - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html