stale logins/sessions or Simultaneous-Use behavior

2003-03-14 Thread Josh Kleensang 

Is there any way (don't you love it when emails start
out that way...) to have freeradius arbitrarily kill a
session (record a session stop time and forget about it)
when another session is started with the same username?

For example:

User joefoo logs in at 13:05:00
user joefoo logs in again at 13:20:00
the server allows the second joefoo to authenticate and
gain access but terminates the first joefoo session and
gives it a stop time of 13:20:00.

This functionality is useful in an environment where one
doesn't always get the accounting stop packets but is sure
that a duplicate login wont actually happen because all of
an upstream radius server/proxy.  I know that checkrad is
supposed to verify if the session is there or not but I
don't have access to the NAS servers and cannot directly 
verify the login.

It may be useful to add an option to Simultaneous-Use where
the module would allow up to the number of sessions specified
(eg 5) but upon the 6th login would kill the oldest of the
5 previous sessions.

Thanks,


Josh Kleensang
Vice President, Engineering
Lunar Gravity Networks
402-898-GRAV x 101
http://www.lunargravity.com
BEGIN:VCARD
VERSION:2.1
N:Kleensang;Joshua
FN:Joshua Kleensang
ORG:Lunar Gravity
TITLE:Vice President, Engineering
TEL;WORK;VOICE:(402) 898-4728
ADR;WORK:;;2437 South 130th Circle;Omaha;Nebraska;68144;United States of America
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:2437 South 130th Circle=0D=0AOmaha, Nebraska 68144=0D=0AUnited States of Ame=
rica
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:20020423T192545Z
END:VCARD

Access_attr not working??

2002-10-18 Thread Josh Kleensang 

I can't seem to get access rejected when I have
dialupAccess = false (and access_attr = dialupAccess and
access_attr_used_for_allow = yes).
I have tried the latest CVS snapshot... and this
was working with versions prior to 0.7. (well at least .5)

Thanks.


Josh Kleensang
Vice President, Engineering
Lunar Gravity Networks
402-898-GRAV x 101
http://www.lunargravity.com



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

suggestions about attributes

2002-09-04 Thread Josh Kleensang 


Howdy,

I guess I dont know if these have been changed
in CVS - or if they are the way they are for a reason.

raddb/ldap.attrmap - the ldap checkItem attribute for 
Simultaneous-Use is set to npSessionsAllowed, but in
the RADIUS-LDAPv3.schema radiusSimultaneousUse seems
to be the correct attribute.

raddb/radius.conf - in the ldap section access_attr is 
set to dialupAccess, but there is no dialupAccess attribute
in RADIUS-LDAPv3.schema.  Could we get one? :)

Thanks


Josh Kleensang
Vice President, Engineering
Lunar Gravity Networks
402-898-GRAV x 101
http://www.lunargravity.com


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html