rlm_ldap compare_check

2002-07-25 Thread Michael Bielicki 

Hi there,
how can I see which pair fails in the comparison, so I can find out what is 
wrong ?

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

ldap and check items

2002-07-25 Thread Michael Bielicki 

Hi there,
I have a problem.
My users file is empty
My NASes use CHAPP

My ldap entries have only one check entry, and that is the calling station id

my ldap module conf is:
ldap {
server = ###
identity = ##
password = 
basedn = 
filter = "(uid=%u)"
start_tls = no
access_attr = "description"
dictionary_mapping = ${raddbdir}/ldap.attrmap
compare_check_items = no
ldap_debug=0x
ldap_cache_timeout = 120
ldap_cache_size = 0
ldap_connections_number = 5
# password_header = "{clear}"
password_attribute = userPassword

timeout = 4
timelimit = 3
net_timeout = 1
}

as long as compare_check_items is no it works
if I do a compare_check_items=yes it rejects the connect, no matter if I add 
the cli in calling-station-id or not. I tried it with no entries...same shit 
...
any help ?

regards

Michael Bielicki

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: postgresql accounting (bug?)

2002-04-15 Thread Michael Bielicki 

Could you post it to me as well ?

On Mon, 2002-04-15 at 10:55, Andrew Kukhta wrote:
> Hello Roman,
> 
> Friday, April 12, 2002, 2:19:11 PM, you wrote:
> 
> R> Hi!
> R>I use freeradius 0.5 with postgresql 7.2 on FreeBSD 4.5
> R> When i run freeradius in dedug mode (radiusd -x), I found that:
> R> 1) freeradius query for Accounting stop packets with
> R> "accounting_stop_query_alt" in any way, regardless of accounting_stop_query
> R> fail or not
> 
> R> rad_recv: Accounting-Request packet from host x.x.x.x, id=206, length=127
> 
> R> query: UPDATE radacct SET AcctStopTime =.
> R> rlm_postgresql Status: PGRES_COMMAND_OK
> R> sql_postgresql: affected rows = 1
> 
> R> query: INSERT into radacct ( AcctSessionId,
> R> rlm_postgresql Status: PGRES_FATAL_ERROR
> R> sql_postgresql: affected rows =
> 
> R> I have not many C experience, but it seems like
> R> sql_affected_rows always 0 for update query
> 
> Correct.
> Patch was posted in this list April,8.
> If you can't find it in list archives, write to me, I'll send it to you.
> 
> -- 
>  Andrew Kukhtamailto:[EMAIL PROTECTED]
> 
> 
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Ascend "unknown code 33" entries

2002-04-12 Thread Michael Bielicki 

Radius1 from lucent is much older than the rfc ...


On Fri, 2002-04-12 at 00:13, Artur Hecker wrote:
> 
> just a detail :)
> 
> 
> > I am having the same problem with "unknown code 33" packets on a newly installed 
>FreeRadius 0.5 
> > server auth'ing some Ascend MAX 4000's. (I've been using Ascend-hacked RADIUS 
>since '95
> > and figured it was time for a change..:-)
> 
> ah that's pretty cool! because RADIUS (RFC 2058) officially exists since
> 01/97... wow! ;-)
> 
> evil-artur
> 
> 
> -- 
> artur[at]hecker.info
> 
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: access time restrictions

2002-04-03 Thread Michael Bielicki 

An easier way is to use counters. I have a quite similar problem but
want to implement differnt units for daytime/nighttime, like 1 daytime
minute = 2 nighttime minutes ...

On Wed, 2002-04-03 at 11:32, Pasi Kärkkäinen wrote:
> 
> Hello!
> 
> I'd like to implement following scenario with openradius or freeradius:
> 
> User has some specific time (say 3600 seconds) one can use. After the
> time is exceeded, radiusd return zero seconds as access-time for the user
> when one logs in.
> 
> NAS requests allowed access-time when user logs in and returns used time
> to radiusd when user logs off.
> 
> I'd like to store this information in sql-database (mysql).
> 
> Has anyone already done something like this? Any ideas how to do this?
> 
> Thanks!
> 
> 
> - Pasi Kärkkäinen
>^
> . .
>  Linux
>   /-\
>  Choice.of.the
>.Next.Generation.
> 
> 
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 




signature.asc
Description: This is a digitally signed message part

LDAP and groups

2002-03-27 Thread Michael Bielicki 

Can somebody give me an example for the following:

I want authenticate againstan ldap directory and have all users be
members of different groups with different dialin times. Could not find
out how to use groups with ldap yet ...

Accounting would go to postgresql, which I started understanding today
(the module that is )

thanks for your help

Michael Bielicki





signature.asc
Description: This is a digitally signed message part

nortel cvx disconnect

2002-03-27 Thread Michael Bielicki 

Haven't found that one in the faq. What do I have to send for a
disconnect to a nortel cvx and as what type do I put it in the nas list
?





signature.asc
Description: This is a digitally signed message part