Re: cannot authenticate system users
Thanks Alan, I have discovered that if a user has /bin/false specified as a shell in the passwd file, they can't login with freeradius. All of our normal users do have /bin/false set. If I change any user to /bib/bash or /bin/sh etc. then freeradius will authenticate them. Yes /bin/false exists. login will only work if the user has a valid shell, of course. Um, what next? On the matter of += System vs := System. The sample users files says to use += System. that would need fixing. Thanks for clarifying it. Thanks Mervyn [EMAIL PROTECTED] wrote: Mervyn Jack [EMAIL PROTECTED] wrote: The users file is this simple.. * while I'm at it, is it supposed to be Auth-Type := System or Auth-Type += System, the docs differ* Auth-Type := System The only thing on this box that is might affect the operation, is the passwd, shadow and group files have been copied over from an older debian linux box. Then you should verify that they work via 'login', etc. -- Mervyn Jack, Technical Director, Country Netlink Pty Ltd. PO Box 529, Cobram, Vic. Australia, 3644 Ph +61 3 5871 1000 Fax +61 3 5871 1874 Mobile 0409 960 520 mailto:[EMAIL PROTECTED] http://www.cnl.com.au ICQ 354419 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
huntgroups by client ip
Hi list. The nation-wide provider of dial-up ports that we are renting some ports off, will not/cannot give us the NAS-IP-Address's that our customers calls may come in on. Due to the fact there are too many, and they may change. Can you do Huntgroup selections by something other than NAS-IP-Address? If got these to play with. rad_recv: Access-Request packet from host 203.xxx.xxx.120:1812, id=206, length=265 NAS-IP-Address = 203.xxx.xxx.49 NAS-Port-Type = Async Called-Station-Id = 142 Calling-Station-Id = 3587x Service-Type = Framed-User Framed-Protocol = PPP Password = \221\304\xxx\xxx\333\356\240 User-Name = xxx Proxy-State =0x4..snip.. -- Mervyn Jack, Technical Director, Country Netlink Pty Ltd. PO Box 529, Cobram, Vic. Australia, 3644 Ph +61 3 5871 1000 Fax +61 3 5871 1874 Mobile 0409 960 520 mailto:[EMAIL PROTECTED] http://www.cnl.com.au ICQ 354419 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: cannot authenticate system users
Problem solved, thanks to a friend, not on this list. I needed to put /bin/false in /etc/shells. Mervyn I have discovered that if a user has /bin/false specified as a shell in the passwd file, they can't login with freeradius. All of our normal users do have /bin/false set. -- Mervyn Jack, Technical Director, Country Netlink Pty Ltd. PO Box 529, Cobram, Vic. Australia, 3644 Ph +61 3 5871 1000 Fax +61 3 5871 1874 Mobile 0409 960 520 mailto:[EMAIL PROTECTED] http://www.cnl.com.au ICQ 354419 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Oracle 8.1.6
Hello everybody! I'm trying to get the current snapshot of freeradius to work with Oracle 8.1.6 (i) - are there any patches that need to be applied before compiling Oracle support in? If I am not mistaken, I remember hearing Alan say something about patches being needed for versions of Oracle 7. Thank you. -Ahsan Ali - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Users w/o shell accts can't authenticate..?
I hope this is an easy one: Users who have a shell (/bin/bash) authenticate OK. Users who don't (/bin/false) don't. . . auth: type System . modcall[authenticate]: module unix return reject . . . Since very few users have shell accounts, this is a problem for me. Am I missing something obvious?? My users file - DEFAULT Auth-Type := System Framed-IP-Address = 255.255.255.254, Framed-MTU = 1500, Service-Type = Framed-User, Framed-Protocol = PPP, Framed-Compression = Van-Jacobson-TCP-IP - I'm not using shadow passwords. Thanks! -Steve - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html