VPN authentication using freeradius
Hi, Pls forgive me if this question is not entirely related to free-radius. I have set up free-radius 0.9.2 runnig on Solaris to authenticate VPN access from VPN server running on MS-Win2000 server. The authentication method is PAP. There is no problem in authentication for computers running XP. But it could not be authenticated for computers running Win98. I could see from the radiusd -X that the authentication was using PAP. Wonder anyone on the list has come across this problem and provide a solution. Thank you. Regards ALan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem in authenticating user in NIS+ compat mode
Dear Alan, Thank you for your help. I uncommented the lines on those files as I thought they were required for Unix. Alan DeKok wrote: akongr [EMAIL PROTECTED] wrote: I checked carefull when running radiusd -X, the radius server readsuser info from /etc/passwd , /etc/shadow and /etc/group. The default configuration of the server is to NOT read those files.So if your version reads those files, YOU changed it. Why did you change the server to break it, and then complain on thelist that it's broken? As user info is stored in NIS+ tables, do you have anysuggestions/modifications on rlm_unix modules in order to read userinfo fom NIS+ tables. Yes. Use the server as it is. Don't edit the configuration filesto break the server. It works. Alan DeKok.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem in authenticating user in NIS+ compat mode
Hi, The user exists in the NIS+ system. Do I need rlm_passwd module included when compile? This was how I config. before comile: ./configure --prefix=/usr/local/freeradius.0.9.2 --localstatedir=/var --enabl e-ltdl-install --enable-ltdl-install This was added to the beginning of "users" file came with the tar ball: testuser Auth-Type := System Fall-Through = 1 There was no problem if the user entry was entered in the /etc/passwd and /etc/shadow. However the user cound not be authenticated if the user was added in NIS format: +testuser: Pls advise whether I have missed some moduels or config. Thank you very much. Regards Alan Alan DeKok wrote: akongr [EMAIL PROTECTED] wrote: I have no problem in authenticate users if the user entry in "users" file is:testuser Auth-Type = local password="testing123"However I could not get users authenticated when I tried to authenticateusers using system as follows: ... modcall: entering group authenticate for request 2 modcall[authenticate]: module "unix" returns notfound for request 2 Does the user exist in the NIS+ system? Alan DeKok.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem in authenticating user in NIS+ compat mode
Dear Alan, I checked carefull when running radiusd -X, the radius server reads user info from /etc/passwd , /etc/shadow and /etc/group. As user info is stored in NIS+ tables, do you have any suggestions/modifications on rlm_unix modules in order to read user info fom NIS+ tables. Thank you. Regards akongr Alan DeKok wrote: akongr [EMAIL PROTECTED] wrote: There was no problem if the user entry was entered in the /etc/passwd and /etc/shadow. However the user cound not be authenticated if the user was added in NIS format:+testuser: Then I would say that the problem lies with configuring the user inNIS+ on your system. So far as FreeRADIUS is concerned, it just asksfor the password from the "system", and doesn't know (or care) if itcomes from /etc/passwd, or NIS+ Alan DeKok.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problem in authenticating user in NIS+ compat mode
Hi, I am running Freeradius-0.9.2 on Sun Sparc Solaris 2.8. User logins were authenticated using NIS+ running in compat mode. I have no problem in authenticate users if the user entry in users file is: testuser Auth-Type = local password=testing123 However I could not get users authenticated when I tried to authenticate users using system as follows: sysuserAuth-Type = System fall-through=1 Message obtained when running raidusd in debug mode: modcall[authorize]: module files returns ok for request 2 modcall[authorize]: module mschap returns noop for request 2 modcall: group authorize returns ok for request 2 rad_check_password: Found Auth-Type System auth: type System modcall: entering group authenticate for request 2 modcall[authenticate]: module unix returns notfound for request 2 modcall: group authenticate returns notfound for request 2 auth: Failed to validate the user. Delaying request 2 for 1 seconds Finished request 2 Pls advise on soving the problem. Thank you. Regards Alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html