FreeRadius and md5
How do I get freeradius to use md5 instead of crypt? I have in my pap settings to use md5 Encryption_scheme = md5 But it still tries to use crypt.. If I put a user in the database with an md5 encrypted password but it gets rejected at loging. But users with a crypt encrypted password log in fine. Any help would be greatly appreciated. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.394 / Virus Database: 224 - Release Date: 10/3/2002 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius and md5
On Wed, 9 Oct 2002, Nick Marino wrote: How do I get freeradius to use md5 instead of crypt? I have in my pap settings to use md5 Encryption_scheme = md5 But it still tries to use crypt.. If I put a user in the database with an md5 encrypted password but it gets rejected at loging. But users with a crypt encrypted password log in fine. Any help would be greatly appreciated. md5 encrypted passwords = crypt with the $1$ salt or truly md5 encrypted passwords? If you are using the former then you could try specifying crypt as the encryption scheme. It will probable work ok. the md5 encryption scheme will not work with salted md5 passwords like the ones generated by crypt(). If nothing of this works run the server in debug mode and check the output. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
disconnecting users
Hi, - Is there any feature to kill online users that can be viewd with radwho ? if Yes, How? (the radkill can't be downloaded from the specified web site) Regards, M. Roomi _ Send and receive Hotmail on your mobile device: http://mobile.msn.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius and md5
-- Forwarded Message -- Subject: rlm_pap using crypt() bug report Date: Fri, 28 Jun 2002 17:41:10 +0300 From: Bobi [EMAIL PROTECTED] To: [EMAIL PROTECTED] When compiled with SNMP support (default=yes) crypt funciton in rlm_pap doesn't work with md5 passwords (Crypt mode) because it uses libcrypto instead of libcrypt. -- B. On Wednesday 09 October 2002 10:39, Nick Marino wrote: How do I get freeradius to use md5 instead of crypt? I have in my pap settings to use md5 Encryption_scheme = md5 But it still tries to use crypt.. If I put a user in the database with an md5 encrypted password but it gets rejected at loging. But users with a crypt encrypted password log in fine. Any help would be greatly appreciated. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.394 / Virus Database: 224 - Release Date: 10/3/2002 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- B.Ikonomov Techno-link - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Proxy Radius
Hi, I have my previous NT commercial accounting server(ISPUtil) with more than 1 active users on it. as I cant't export crypted NT passwords into freeradius, I want to define all new accounts in FreeRadius and also want freeradius acts as the master Accounting server and if the accounts doesn't exist in FreeRadius, I want the user to be redirected to Previous nasty NT accounting server. Freeradius proxy always redirects the requests to NT accounting server before searching itself for this username! I want FreeRadius First search itself and if the username doesn't exist , It redirect it to Next accounting Server. Additional Info: there is no seprator like '' in the username and I don't want to use in new accounts too. as I configured freeradius, it acts as proxy, as it works well when the username doesn't exist in freeradius so it redirected to NT accounting server. but when the username exists in the Freeradius, It doesn't authenticate the user and resend it to second server. please let me know how to reconfigue the proxy radius. Regards, M. Roomi _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Proxy Radius
Dear Mehdi Roomi, You can export your crypted NT passwords to FreeRADIUS. See doc/rlm_mschap --Wednesday, October 9, 2002, 1:28:51 PM, you wrote to [EMAIL PROTECTED]: MR Hi, MR I have my previous NT commercial accounting server(ISPUtil) with more than MR 1 active users on it. as I cant't export crypted NT passwords into MR freeradius, I want to define all new accounts in FreeRadius and also want MR freeradius acts as the master Accounting server and if the accounts doesn't MR exist in FreeRadius, I want the user to be redirected to Previous nasty NT MR accounting server. MR Freeradius proxy always redirects the requests to NT accounting server MR before searching itself for this username! MR I want FreeRadius First search itself and if the username doesn't exist , It MR redirect it to Next accounting Server. MR Additional Info: MR there is no seprator like '@' in the username and I don't want to use in new MR accounts too. MR as I configured freeradius, it acts as proxy, as it works well when the MR username doesn't exist in freeradius so it redirected to NT accounting MR server. MR but when the username exists in the Freeradius, It doesn't authenticate the MR user and resend it to second server. MR please let me know how to reconfigue the proxy radius. MR Regards, MR M. Roomi MR _ MR Join the worlds largest e-mail service with MSN Hotmail. MR http://www.hotmail.com MR - MR List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA Ïîÿâèëñÿ íîâûé òèï ýëåìåíòàðíûõ ÷àñòèö - øêâàðêè. Íå î÷åíü áîëüøèå, ñëåãêà ïîäãîðåâøèå. (Ëåì) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Proxy Radius
Thank You. I exported NT SAM passwords into a file successfully. one sample line is as following: borj2:1003:4f132fed9c9f145daad3b435b51404ee:6af463cbfe0f54eadfefd907ec233491::: currently my freeradius configured to use clear text passwords which stored in mysql and pap authentication method for authentication. Now I think that I should use rlm_passwd module instead of rlm_mschap? and import this file into radcheck table of radius database. also I want new passwords to be saved as clear text . another problem is that I want users to be able to change their passwords from web site and I don't know how to check the previous passwords in my PHP program. Regards, M. Roomi You can export your crypted NT passwords to FreeRADIUS. See doc/rlm_mschap --Wednesday, October 9, 2002, 1:28:51 PM, you wrote to [EMAIL PROTECTED]: MR Hi, MR I have my previous NT commercial accounting server(ISPUtil) with more than MR 1 active users on it. as I cant't export crypted NT passwords into MR freeradius, I want to define all new accounts in FreeRadius and also want MR freeradius acts as the master Accounting server and if the accounts doesn't MR exist in FreeRadius, I want the user to be redirected to Previous nasty NT MR accounting server. MR Freeradius proxy always redirects the requests to NT accounting server MR before searching itself for this username! MR I want FreeRadius First search itself and if the username doesn't exist , It MR redirect it to Next accounting Server. MR Additional Info: MR there is no seprator like '@' in the username and I don't want to use in new MR accounts too. MR as I configured freeradius, it acts as proxy, as it works well when the MR username doesn't exist in freeradius so it redirected to NT accounting MR server. MR but when the username exists in the Freeradius, It doesn't authenticate the MR user and resend it to second server. MR please let me know how to reconfigue the proxy radius. MR Regards, MR M. Roomi MR _ MR Join the worlds largest e-mail service with MSN Hotmail. MR http://www.hotmail.com MR - MR List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA - . , . () - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re[2]: Proxy Radius
Dear Mehdi Roomi, You should use both rlm_passwd and rlm_mschap modules (rlm_passwd in authorize, rlm_mschap in authenticate. Optionally you can use rlm_mschap in authorize). See doc/rlm_mschap and doc/rlm_passwd. --Wednesday, October 9, 2002, 5:32:02 PM, you wrote to [EMAIL PROTECTED]: MR Thank You. MR I exported NT SAM passwords into a file successfully. one sample line is as MR following: MR borj2:1003:4f132fed9c9f145daad3b435b51404ee:6af463cbfe0f54eadfefd907ec233491::: MR currently my freeradius configured to use clear text passwords which stored MR in mysql and pap authentication method for authentication. MR Now I think that I should use rlm_passwd module instead of rlm_mschap? and MR import this file into radcheck table of radius database. MR also I want new passwords to be saved as clear text . MR another problem is that I want users to be able to change their passwords MR from web site and I don't know how to check the previous passwords in my PHP MR program. MR Regards, MR M. Roomi You can export your crypted NT passwords to FreeRADIUS. See doc/rlm_mschap --Wednesday, October 9, 2002, 1:28:51 PM, you wrote to [EMAIL PROTECTED]: MR Hi, MR I have my previous NT commercial accounting server(ISPUtil) with more than MR 1 active users on it. as I cant't export crypted NT passwords into MR freeradius, I want to define all new accounts in FreeRadius and also want MR freeradius acts as the master Accounting server and if the accounts doesn't MR exist in FreeRadius, I want the user to be redirected to Previous nasty NT MR accounting server. MR Freeradius proxy always redirects the requests to NT accounting server MR before searching itself for this username! MR I want FreeRadius First search itself and if the username doesn't exist , It MR redirect it to Next accounting Server. MR Additional Info: MR there is no seprator like '@' in the username and I don't want to use in new MR accounts too. MR as I configured freeradius, it acts as proxy, as it works well when the MR username doesn't exist in freeradius so it redirected to NT accounting MR server. MR but when the username exists in the Freeradius, It doesn't authenticate the MR user and resend it to second server. MR please let me know how to reconfigue the proxy radius. MR Regards, MR M. Roomi MR _ MR Join the worlds largest e-mail service with MSN Hotmail. MR http://www.hotmail.com MR - MR List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA MR - . MR , . () - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html MR _ MR Join the worlds largest e-mail service with MSN Hotmail. MR http://www.hotmail.com MR - MR List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ~/ZARAZA Èòàê, ÿ áóäó êðàòîê. (Òâåí) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Help Info SQL
May I ask the exact meaning of the tables and how to use them ? radacct radcheck radgroupcheck radgroupreply radreply usergroup I guess tha a user has to be inserted in the radchek with: UserName(username) - Attribute (User-Password) - Vale (password)- op (???) and suppose in usergroup: UserName ( username) - GroupName (group ) so I suppose in radgroupreplay: GroupName (dialin) Attribute (Auth-Type) Value (PAP) and the others tables and what does it mean op? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Help Info SQL
Gian-Carlo Baldarelli wrote: May I ask the exact meaning of the tables and how to use them ? radacct radcheck radgroupcheck radgroupreply radreply usergroup I guess tha a user has to be inserted in the radchek with: UserName(username) - Attribute (User-Password) - Vale (password)- op (???) and suppose in usergroup: UserName ( username) - GroupName (group ) so I suppose in radgroupreplay: GroupName (dialin) Attribute (Auth-Type) Value (PAP) and the others tables and what does it mean op? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Dear Gian-Carlo 1.radacct for accounting 2. man 5 users for operators (op) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Please help me!
hi I have some questions about freeradius. I have installed the freeradius0.7 and configured the server EAP-TLS authentication.The server can work correctly.It is said that the PMK(Pairwise Master Key) encapsuled in the vendor-specific attribute(id=MS-MPPE-RECV) is supported by 0.7.But I still can not get the vendor-specific attribute in its accept packet.It seems that after succeeding in EAP-TLS authentication,the server does not send the PMK.There is no VSAs in the accept packet. I just want to get the PMK and generate other keys. In freeradius0.7,I did not see the mppe.c file.Should I add the file to patch the radius or what can I do to get the PMK? Have you succeeded in getting the PMK?Hope you can help me!Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
fr0.5: logging: UNKNOWN-NAS, although ip entered?
hello, everybody. well, i think i've got a problem with logging the names or ip-addresses of the nas'es that users try to authenticate from. although there are ip-addresses and shortnames set in clients.conf, fr0.5 just logs the sentence Auth: Login OK: [username] (from nas UNKOWN-NAS port x cli x.x.x.x) (where x.x.x.x is the ip address of our netview machine). excerpt from clients.conf: client 10.0.0.1 { secret = shortname = just-a-funny-cisco-nas } i'm also using access verification based on huntgroups where i just configured the NAS-IP-Address, nothing more. what's wrong with my configuration? the evil thing is that i can't see from which (cisco) nas authentication has been requested (quite good for analysing problems). i'll gladly appreciate hints and tips. thank you in advance. regards, m. pawlowski. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: fr0.5: logging: UNKNOWN-NAS, although ip entered?
[EMAIL PROTECTED] wrote: well, i think i've got a problem with logging the names or ip-addresses of the nas'es that users try to authenticate from. although there are ip-addresses and shortnames set in clients.conf, fr0.5 Yuck. Why don't you upgrade to 0.7.1? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Connecting to Oracle
Hi I have FreeRadius 0.71 on Solaris 8. My database is Oracle 8.1.7 After starting ./radiusd -X, I receive the following message: rlm_sql: Driver rlm_sql_oracle loaded and linked rlm_sql: Attempting to connect to [EMAIL PROTECTED]:1521/pmt rlm_sql: starting 0 rlm_sql: Attempting to connect #0 Init: Oracle logon failed: 'Error while trying to retrieve text for error ORA-12154 ' rlm_sql: Failed to connect DB handle #0 rlm_sql: starting 1 rlm_sql: starting 2 rlm_sql: starting 3 rlm_sql: starting 4 The database (pmt) is running, the listener also. Oracle client is installed. I try to connect as user pmt locally. Could someone help Thanks Robert - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: sql_iodbc.c:214: conflicting types for `sql_fetch_row' ...
pDo-Risika RAFIEFERANTSIARONJY [EMAIL PROTECTED] wrote: When building freeradius-0.7.1, I have this error with sql_iodbc, how to resolve this ? Grab the latest CVS snapshot. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Late replies
Enquiries [EMAIL PROTECTED] wrote: I run a freeradius server that is proxyed to from another freeradius server which is in turn connected to a bt webport proxy, this second freeradius server is complaining of late responses from my server. Physically the servers are next to each other on the rack. That doesn't matter. What matters is that the first server is taking so long to respond, that the second one gives up. The solution is obvious: Make the first one work faster, AND/OR make the second one be more patient. how many times can you proxy on a radius request, currently my server is the last in a change of three, could the radius packets from the nas be expiring? No. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Connecting to Oracle
Mieczyslaw Maciejewski (EPO) wrote: Init: Oracle logon failed: 'Error while trying to retrieve text for error ORA-12154 ' 2nd hit from Google: ORA-12154:TNS:Could not resolve service name. Regards, Daryl Tester IOCANE Pty. Ltd. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: disconnecting users
I think there is a program called radzap. On Wed, 9 Oct 2002, Mehdi Roomi wrote: Hi, - Is there any feature to kill online users that can be viewd with radwho ? if Yes, How? (the radkill can't be downloaded from the specified web site) Regards, M. Roomi _ Send and receive Hotmail on your mobile device: http://mobile.msn.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Regards David Inglis Ruralnet Ph 50210210 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
OFFER TO CONSIDER
Attn. Sir, It is with heart full of hope that I write to seek your help in the context below. I am Mr.Ebere Okemiri, the Personal Assistant to the late Nigerian former Sport Minister, Late Mr. Mark Aku, who until his death in a domestic plane crash weeks before the Japan / Korea world cup was the Minister of Youth and Sports in the present dispensation. Having gotten your particulars through the Internet in my search for a trustworthy foreigner who will help me carry out the project I am about to tell you. I have no doubt about your custody (for safety) the sum US$15 Million deposited in my favor in a Security Company by my late boss before his untimely death. The money was part of the funds release for Nigerian Super Eagles participation in the companionship by Present Democratic Government and major companies in Nigeria but my Boss Late Mr. Mark Aku diverted the fund in order to finance has ambition to contest for gubernatorial Election come 2003 but death took him away. This money he deposited in a security company as personal effect in my favor without the knowledge of any other person till date, meanwhile, the government has tried their best in their search for the money but my situation has been so terrible as I had to loose my job and as I am writing you, I am virtually living on assistance of well- wishers. The investigation teams have submitted their report, and the case closed, that was why I am looking for a foreigner who will help me to secure the fund and invest it on a long time project pending when I will meet him up. In view of this plight therefore, I expect you to be trustworthy and kind enough to respond to this, I will compensate your sincere and candid effort in these regards with 20% of the fund when you finally receive the money. I have perfected arrangement on the successful transfer of the fund and if you are interested to help me, kindly respond through this box or my alternative the email. Please provide me with your telephone and fax number for your easier communication. You are equally guaranteed 100% risk free and smooth transfer. I look forward to your quick response. May God bless you Regards, Mr.Ebere Okemiri.
Problems: EAP authentication[Client Win2000 Professional]
Dear Sir: I am try to realize the EAP authentication using Win2000 Professional as the client, Windows2000 Server as the router, and Linux as the Radius Authenticater. Although I tried several ways following the EAP guides in the microsoft SDK, I failed so far. I registered the EAP.DLL as following the EAP guides in the microsoft SDK, Especially, rasman does call RasEapGetInfo exported by the EAP.dll but it does not call the EapBegin function in the EAP.dll. Maybe the function RasEapInitialize should always be called before any other call, but I could not get what I should do in the function RasEapInitialize. All in all, my EAP.DLL did not work as it was supposed to. So I could not begin my job. The typical function prototypes are listed below: If it is possible, Could you please tell me how to put my EAP protocal DLL into effect? Thanks a lot! Sincerely Yours, Wu MingChang 09/11/2002 // DWORD APIENTRY RasEapGetInfo( IN DWORD dwEapTypeId, OUT PPP_EAP_INFO* pInfo ) { EapTrace(RasEapGetInfo); if (dwEapTypeId != PPP_EAP_PROTOCOL_ID) { EapTrace(Type ID %d is not supported, dwEapTypeId); return(ERROR_NOT_SUPPORTED); } ZeroMemory(pInfo, sizeof(PPP_EAP_INFO)); pInfo-dwEapTypeId = PPP_EAP_PROTOCOL_ID; pInfo-RasEapBegin = EapBegin; pInfo-RasEapEnd = EapEnd; pInfo-RasEapMakeMessage = EapMakeMessage; return(NO_ERROR); } DWORD APIENTRY EapBegin( OUT VOID** ppWorkBuf, IN VOID* pInfo ) { PPP_EAP_INPUT* pInput = (PPP_EAP_INPUT*)pInfo; EAPCB* pwb; EapTrace(EapBegin(%ws), pInput-pwszIdentity); ... ... ... ... return(NO_ERROR); } // .+-wèþ˱Êâmïî˱Êâmäzm§ÿðÃëyêÚv+¬¢¸?+-þë®Èm
Cache /etc/passwd, /etc/shadow, and /etc/group
System = Linux with kernel 2.4.18 In the radiusd.conf file: The Cache setup does not work if you do not use shadow passwords. If the shadow line is left at the default value: (ie commented out) To force the module to use the system password functions, # instead of reading the files, comment out the 'passwd' # and 'shadow' configuration entries. This is required # for some systems, like FreeBSD. # passwd = /etc/passwd # shadow = /etc/shadow Then you will get an error: Wed Oct 9 17:51:06 2002 : Info: HASH: Reinitializing hash structures and lists for caching... Wed Oct 9 17:51:06 2002 : Error: rlm_unix: You MUST specify a shadow password file! Wed Oct 9 17:51:06 2002 : Error: HASH: unable to create user hash table. disable caching and run debugs Wed Oct 9 17:51:06 2002 : Error: radiusd.conf[462]: unix: Module instantiation failed. If you say no to the cache option: # For FreeBSD, you do NOT want to enable the cache, # as it's password lookups are done via a database. # # allowed values: {no, yes} cache = no It loads up just fine. Is there something I'm missing or is the the default behavior of this setup? Thanks, Ken Rea - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
EAP authentication using Win2000 Professional as the client
Dear Sir: Could you please direct this mail to Mr Fernandez, Jorge and Mr Artur Hecker? Fernandez, Jorge [EMAIL PROTECTED] Artur Hecker [EMAIL PROTECTED] I am trying to realize the EAP authentication using Win2000 Professional as the client, Windows2000 Server as the router, and Linux as the Radius Authenticater. Although I tried several ways following the EAP guides in the microsoft SDK, I failed so far.I registered the EAP.DLL following the EAP guides in the microsoft SDK. Especially, rasman does call RasEapGetInfo exported by the EAP.dll but it does not call the EapBegin function in the EAP.dll. Maybe the function RasEapInitialize should always be called before any other call, but I could not get what I should do in the function RasEapInitialize. All in all, my EAP.DLL did not work as it was supposed to. So I could not begin my job. The typical function prototypes are listed below: If it is possible, Could you please tell me how to put my EAP protocal DLL into effect? Thanks a lot! Sincerely Yours, Wu MingChang 09/10/2002 // DWORD APIENTRY RasEapGetInfo( IN DWORD dwEapTypeId, OUT PPP_EAP_INFO* pInfo ) { EapTrace(RasEapGetInfo); if (dwEapTypeId != PPP_EAP_PROTOCOL_ID) { EapTrace(Type ID %d is not supported, dwEapTypeId); return(ERROR_NOT_SUPPORTED); } ZeroMemory(pInfo, sizeof(PPP_EAP_INFO)); pInfo-dwEapTypeId = PPP_EAP_PROTOCOL_ID; pInfo-RasEapBegin = EapBegin; pInfo-RasEapEnd = EapEnd; pInfo-RasEapMakeMessage = EapMakeMessage; return(NO_ERROR); } DWORD APIENTRY EapBegin( OUT VOID** ppWorkBuf, IN VOID* pInfo ) { PPP_EAP_INPUT* pInput = (PPP_EAP_INPUT*)pInfo; EAPCB* pwb; EapTrace(EapBegin(%ws), pInput-pwszIdentity); ... ... ... ... return(NO_ERROR); } // Ëbú?²æìr¸{û§²æìr¸y'Ûiÿü0ÁúÞz¶ë(®å˺ǫ²f
help - checkrad not being called
I have freeradius 0.7 MySQL up and running on a debian woody box (kernel 2.2-20), and doing all that it should EXCEPT allowing users to login if they still have a stale session in the db (Mysql).. I have session{ sql } in radius.conf set to sql .. /usr/local/sbin checkrad runs correctly when run manually and I have it set to debug mode, so I can see when it is being called .. now, when I have a stale session in the DB, and use NTRadPing to request a new auth, it ALWAYS comes back saying the user is online, and checkrad never seems to get called .. I have searched the archives, and even applied a patch suggested back in August, but it still appears checkrad is still not being run. I have tried with 0.7, and the latest snapshot 1009 .. and both give the same result .. What am I missing that is causing checkrad to be ingnore/not called ?? All help greatly appreciated .. Tim Fraser * Relax Internet Internet Service Provider (dial-up ADSL) / Web Hosting www.relax.com.au * - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html