It will show an entry each time there is a failed login, but just leaves
a '-' for the username. The only time it properly displays the login is
when I try it from the 'check server' link and it tries to authenticate
locally. I also get the "address is not in a.b.c.d form" error, but I'm
not sure
Toni Mueller <[EMAIL PROTECTED]> wrote:
> speaking of which, below is one that's untested. If someone can
> please explain how to regenerate an individual configure script,
> I'd rather try that instead of hacking directly into the generated
> code.
'make reconfig' should work.
> $ gmake reconf
Simon Allard <[EMAIL PROTECTED]> wrote:
> Is there a way to specify the use of a URI rather than a hostname? I want
> to be able to use ldapi:// to it uses the unix socket rather than the tcp
> socket. Its quite a lot faster!
I thought there was a patch on the list a while ago... if not, I
might
Chris Brotsos <[EMAIL PROTECTED]> wrote:
> Alan and I submitted *many* changes to the original round_robin code, and
> although I'm not positive...I think it ended up *not* being supported in
> the 0.8.1 release. I don't have the base 0.8.1 release running, though, so
> I'm not 100% sure on that
"Thomas S. Crum - AAA Web Solution, Inc." <[EMAIL PROTECTED]>
wrote:
> I've noticed that when radius dies, it usually kills all of its processes
> with it.
Yes. That makes sense, the way the server is written.
> I wrote a cron that every minute just runs /usr/local/sbin/radiusd, if
> radiusd i
> you *should* have at least devel version of 0.9.7beta. former it always
> was the newer the better.
Looking at openssl.org there actually is a 0.9.7a which is a follow-up to
0.9.7. I believe that that is what I have installed.
> perhaps you should regenerate your Certificates using the same Op
On Wed, 12 Mar 2003, Simon Allard wrote:
>
> I had a look though the LDAP docs and I couldn't see anything obvious.
>
> Is there a way to specify the use of a URI rather than a hostname? I want
> to be able to use ldapi:// to it uses the unix socket rather than the tcp
> socket. Its quite a lot fa
I had a look though the LDAP docs and I couldn't see anything obvious.
Is there a way to specify the use of a URI rather than a hostname? I want
to be able to use ldapi:// to it uses the unix socket rather than the tcp
socket. Its quite a lot faster!
Is that possible with the current code base o
Hi,
>Probably not. There are MIBs in the Redback documentation. You can
>check those to determine if there is a usable MIB for use with 'checkrad'.
I have ask our Redback contact´s usualy they respond fast.
If this will fail i will try using telnet.
>As usual, patches are welcome!
Sure i wil
Hi,
On Tue, Mar 04, 2003 at 06:16:24AM -0500, Alan DeKok wrote:
> Y Sreenivasulu <[EMAIL PROTECTED]> wrote:
> > Thanks for your information Alan. Can you suggest where can I
> > find such source code patches?
> It's free software. You have the power to create them yourself.
speaking of whi
At 11:28 AM 3/11/2003, you wrote:
We have several realms configured to do round robin between two downstream
radius servers. We have observed that our freeradius (0.8.1) servers are
sending all traffic for a realm to the first server listed for that realm.
I have seen in the logs where it does do
We have several realms configured to do round robin between two downstream
radius servers. We have observed that our freeradius (0.8.1) servers are
sending all traffic for a realm to the first server listed for that realm.
I have seen in the logs where it does do failover however. Here's an
examp
On Tue, 11 Mar 2003, Nick Lomonte wrote:
> My main group has about 3800 users in it. From the web interface if I
> click on 'show groups' and then click on that group, it just sits there
> and eventually times out. Running the latest CVS on a redhat 7.3
> machine. The other groups with fewer mem
Nick,
Sounds like the php page is timing out. Default is 30 seconds. Try to up
the max_execution_time in your php.ini file
good luck,
Tony
|-+--->
| | Nick Lomonte|
| | <[EMAIL PROTECTED]>
At 04:56 PM 3/11/2003 +, Keith Ballard wrote:
Hi all,
I'm happily using sql module to authorise 1 users.
However I wanted to disallow 1 user and did it by:
Radgroupreply:
29,noaccess,Auth-Type,:=,Reject,0
Usergroup:
1000,fred,noaccess
Radcheck:
1000,fred,password,==,password
It seems as
Has anyone integrated FreeRadius/LDAP to a Remote Active
Directory Server?
I am trying to integrate the two and need some
examples of radiusd.conf for the
LDAP to Active Directory.
I also tried uid=ron
And [EMAIL PROTECTED]
I have no organization just a list of users unde
Hi all,
I'm happily using sql module to authorise 1 users.
However I wanted to disallow 1 user and did it by:
Radgroupreply:
29,noaccess,Auth-Type,:=,Reject,0
Usergroup:
1000,fred,noaccess
Radcheck:
1000,fred,password,==,password
It seems as long as fred's username & password are correct,
My main group has about 3800 users in it. From the web interface if I
click on 'show groups' and then click on that group, it just sits there
and eventually times out. Running the latest CVS on a redhat 7.3
machine. The other groups with fewer members work fine. I'm assuming
this has something t
Hello,
It still doesn't work. Those php scripts wont talk to mysql database. I
guess there should smth wrong with my apache server, or php support,
probably I will have to reinstall itthat's a big headache.
Anyway, thanks a lot for your help
Redi
Redi Tela
Systems Administrator
Mail [EMAIL
At 02:01 PM 3/11/2003 +0100, [EMAIL PROTECTED] wrote:
Hi all,
I have been asked to setup a radius server, however I do know nothing about
radius yet.
Because it should be a cheap but stable solution I choose to install
solaris 8 for intel on a pc. I could have choosen linux as well, but let's
not
At 03:54 PM 3/11/2003 +0500, Eric wrote:
I'm using mysql authentication scheme.
As shown in documentation i'm set in radgroupcheck table such row:
groupname | parameter | op| value|
-
test|Simultaneous-Use | := |
At 10:37 AM 3/11/2003 +0100, Holger Steppke wrote:
Hi,
sorry for bothering the list again.
I¢¥am just looking into how i can make the checkrad script Redback SMS1800
aware.
Is some doing this already and is checking for PPP sessions on the Kit.
Would be nice to know wich MIB you are query then.
hi!
do I need the module "files" in radiusd.conf where
the file "user" will be implemented? or is the module eap enough?
thanks,
kle
On Tue, Mar 11, 2003 at 09:24:02AM -0500, Thomas S. Crum - AAA Web Solution, Inc.
wrote:
> This may seem like an oversimplified approach, but can someone please
> comment.
>
> I've noticed that when radius dies, it usually kills all of its processes
> with it. Some have written a cron that check
why not use radwatch?
rc.radiusd supplied with the server already starts radiusd with radwatch.
otherwise, the only problem about your approach is the active waiting.
Thomas S. Crum - AAA Web Solution, Inc. wrote:
This may seem like an oversimplified approach, but can someone please
comment.
I'v
i think you should really either:
1. relaunche ./configure and rebuild the server giving the good prefixes
for the config files
- OR -
2. launch your radiusd with:
strace radiusd 2>&1 | grep radiusd.conf
you will see which config file it is really using.
ciao
artur
[EMAIL PROTECTED] wrote:
> Hi,
hi Miquel
sorry, but what does this have to do with freeradius?
I'm testing windows XP with 802.1X and EAP-MD5 authentication protocol.
My main goal is to change the user authentication interface for this
procotol EAP-MD5. Windows OS display the default win logon dialog and
the user must enter
This may seem like an oversimplified approach, but can someone please
comment.
I've noticed that when radius dies, it usually kills all of its processes
with it. Some have written a cron that checks first and then restarts etc.
I wrote a cron that every minute just runs /usr/local/sbin/radiusd,
Hi,
I'm continuing having problems. Althought I modified radiusd.conf the log coming with
radiusd -X shows that also the commented items are considered by the server (for
example MS-CHAP is commented but the server however load and instantiate it). It seems
the server reads a previous and an unm
I would suggest using port = 389, tls_mode = no and start_tls = yes
That way you will use the StartTLS extended operation and not the old LDAPS
I just tried that and now I get this error from radiusd:
modcall: entering group authorize
rlm_ldap: - authorize
r
Hi everybody,
I'm testing windows XP with 802.1X and EAP-MD5 authentication protocol.
My main goal is to change the user authentication interface for this
procotol EAP-MD5. Windows OS display the default win logon dialog and
the user must enter username/password manually. I want to change this
aut
Hi all,
I have been asked to setup a radius server, however I do know nothing about
radius yet.
Because it should be a cheap but stable solution I choose to install
solaris 8 for intel on a pc. I could have choosen linux as well, but let's
not argue about that as its irrelevant for my question.
A
I'm using mysql authentication scheme.
As shown in documentation i'm set in radgroupcheck table such row:
groupname | parameter| op | value|
-
test|Simultaneous-Use| := | 1 |
But I still have double, tripple
Hi,
sorry for bothering the list again.
I´am just looking into how i can make the checkrad script Redback SMS1800 aware.
Is some doing this already and is checking for PPP sessions on the Kit.
Would be nice to know wich MIB you are query then.
I´am sure the SMS can do finger but i don´t realy l
35 matches
Mail list logo