Re: User Configuartion Help and Interesting Scenario
Alan Wong [EMAIL PROTECTED] wrote: Therefore the question is, are there add on modules that can dynamically add a user and generate a one time password? No. Dynamically adding a user is something which is (in general) not a good idea. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
User Configuartion Help and Interesting Scenario
Dear all, I have just installed radius 0.8 on my redhat 7.2 box. Being a total newbie I just wanted to know two things... 1) Firstly how do I add new users and then without restarting make radius reread the users file? Is there a configuration switch to allow me to do that? If it isnt possible, can i set up a database and do it that way? I just need to know how to dynamically add new users without restarting the radius server. 2) Is it possible for radius to also send back a string (password) back to the client instead of just accept-accept. Or will I have to set up another machine or program to do that? Thanks for the help in advance... Alan Wong _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User Configuartion Help and Interesting Scenario
Alan, At 11:38 PM 11/27/2002 +1100, you wrote: Dear all, I have just installed radius 0.8 on my redhat 7.2 box. Being a total newbie I just wanted to know two things... 1) Firstly how do I add new users and then without restarting make radius reread the users file? Is there a configuration switch to allow me to do that? If it isnt possible, can i set up a database and do it that way? I just need to know how to dynamically add new users without restarting the radius server. Yes, you will need to use a database. 2) Is it possible for radius to also send back a string (password) back to the client instead of just accept-accept. Or will I have to set up another machine or program to do that? I am a little unsure of what you mean here, but I think you are referring to the use of a Reply-Message attribute that can be added to the user's profile to send back a string with your Access-Accept packet. Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User Configuartion Help and Interesting Scenario
You do NOT need to use a database to cause freeradius to re-read its users file. You simply have to sigHUP it. Also, the reply-message packet is not guaranteed. Well, let me say that better. It's guaranteed that Freeradius will send it if you specify it. It is NOT guaranteed what the NAS will do with it. (Some NASes will ignore it, many will show it to the user.) Vincent Giovannone Network Infrastructure Group Information Services Division Rush - Presbyterian St. Luke's Medical Center So for the IT Manager Role, you want someone who's absolute crap, looks reasonable on paper, and won't cause too much trouble. ... Well I don't have any MCSEs on my books at the moment, but I could call around.-- Simon Travaglia Chris Brotsos [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 11/27/2002 07:39 AM Please respond to freeradius-users To: [EMAIL PROTECTED] cc: Subject:Re: User Configuartion Help and Interesting Scenario Alan, At 11:38 PM 11/27/2002 +1100, you wrote: Dear all, I have just installed radius 0.8 on my redhat 7.2 box. Being a total newbie I just wanted to know two things... 1) Firstly how do I add new users and then without restarting make radius reread the users file? Is there a configuration switch to allow me to do that? If it isnt possible, can i set up a database and do it that way? I just need to know how to dynamically add new users without restarting the radius server. Yes, you will need to use a database. 2) Is it possible for radius to also send back a string (password) back to the client instead of just accept-accept. Or will I have to set up another machine or program to do that? I am a little unsure of what you mean here, but I think you are referring to the use of a Reply-Message attribute that can be added to the user's profile to send back a string with your Access-Accept packet. Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User Configuartion Help and Interesting Scenario
At 07:50 AM 11/27/2002 -0600, you wrote: You do NOT need to use a database to cause freeradius to re-read its users file. You simply have to sigHUP it. Fair enough, I was considering a SIGHUP to be a restart of the process...my apologies for any confusion. I can say though, Alan, if you are worried about losing requests when sending a HUP, the current incoming requests will not be dropped (assuming that the request queue does not get full in the time it takes to restart the process). But, to be more specific, if you don't even want to SIGHUP the process then you will need a database. Also, the reply-message packet is not guaranteed. Well, let me say that better. It's guaranteed that Freeradius will send it if you specify it. It is NOT guaranteed what the NAS will do with it. (Some NASes will ignore it, many will show it to the user.) Well, instead of disputing a suggestion I made, when I stated I wasn't even sure that I completely understood the question, please provide another means...especially if you are sure that you know exactly what Alan is trying to accomplish by returning said string. Thanks, Chris Vincent Giovannone Network Infrastructure Group Information Services Division Rush - Presbyterian St. Luke's Medical Center So for the IT Manager Role, you want someone who's absolute crap, looks reasonable on paper, and won't cause too much trouble. ... Well I don't have any MCSEs on my books at the moment, but I could call around.-- Simon Travaglia Chris Brotsos [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 11/27/2002 07:39 AM Please respond to freeradius-users To: [EMAIL PROTECTED] cc: Subject:Re: User Configuartion Help and Interesting Scenario Alan, At 11:38 PM 11/27/2002 +1100, you wrote: Dear all, I have just installed radius 0.8 on my redhat 7.2 box. Being a total newbie I just wanted to know two things... 1) Firstly how do I add new users and then without restarting make radius reread the users file? Is there a configuration switch to allow me to do that? If it isnt possible, can i set up a database and do it that way? I just need to know how to dynamically add new users without restarting the radius server. Yes, you will need to use a database. 2) Is it possible for radius to also send back a string (password) back to the client instead of just accept-accept. Or will I have to set up another machine or program to do that? I am a little unsure of what you mean here, but I think you are referring to the use of a Reply-Message attribute that can be added to the user's profile to send back a string with your Access-Accept packet. Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User Configuartion Help and Interesting Scenario
At 09:14 AM 11/27/2002 -0600, you wrote: I'm not disputing anything; I'm trying to provide information. I have freeradius set up to _always_ send reply messages, and I have NASes that show the string to the user on login, and NASes that completely ignore it. Nothing more, nothing less. I thought that maybe you had another idea of what Alan was trying to accomplish. I'm just a little confused because of what he suggested he was trying to return...a password. I didn't know if he meant Reply-Message or not. When you said that the NAS ignores the Reply-Message, I didn't know if you had another attribute in mind that specifically dealt with returning a password to the NAS...that's all I meant. Sorry for the inappropriate tone. Chris Vincent Giovannone Network Infrastructure Group Information Services Division Rush - Presbyterian St. Luke's Medical Center So for the IT Manager Role, you want someone who's absolute crap, looks reasonable on paper, and won't cause too much trouble. ... Well I don't have any MCSEs on my books at the moment, but I could call around.-- Simon Travaglia Chris Brotsos [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 11/27/2002 09:08 AM Please respond to freeradius-users To: [EMAIL PROTECTED] cc: Subject:Re: User Configuartion Help and Interesting Scenario At 07:50 AM 11/27/2002 -0600, you wrote: You do NOT need to use a database to cause freeradius to re-read its users file. You simply have to sigHUP it. Fair enough, I was considering a SIGHUP to be a restart of the process...my apologies for any confusion. I can say though, Alan, if you are worried about losing requests when sending a HUP, the current incoming requests will not be dropped (assuming that the request queue does not get full in the time it takes to restart the process). But, to be more specific, if you don't even want to SIGHUP the process then you will need a database. Also, the reply-message packet is not guaranteed. Well, let me say that better. It's guaranteed that Freeradius will send it if you specify it. It is NOT guaranteed what the NAS will do with it. (Some NASes will ignore it, many will show it to the user.) Well, instead of disputing a suggestion I made, when I stated I wasn't even sure that I completely understood the question, please provide another means...especially if you are sure that you know exactly what Alan is trying to accomplish by returning said string. Thanks, Chris Vincent Giovannone Network Infrastructure Group Information Services Division Rush - Presbyterian St. Luke's Medical Center So for the IT Manager Role, you want someone who's absolute crap, looks reasonable on paper, and won't cause too much trouble. ... Well I don't have any MCSEs on my books at the moment, but I could call around.-- Simon Travaglia Chris Brotsos [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 11/27/2002 07:39 AM Please respond to freeradius-users To: [EMAIL PROTECTED] cc: Subject:Re: User Configuartion Help and Interesting Scenario Alan, At 11:38 PM 11/27/2002 +1100, you wrote: Dear all, I have just installed radius 0.8 on my redhat 7.2 box. Being a total newbie I just wanted to know two things... 1) Firstly how do I add new users and then without restarting make radius reread the users file? Is there a configuration switch to allow me to do that? If it isnt possible, can i set up a database and do it that way? I just need to know how to dynamically add new users without restarting the radius server. Yes, you will need to use a database. 2) Is it possible for radius to also send back a string (password) back to the client instead of just accept-accept. Or will I have to set up another machine or program to do that? I am a little unsure of what you mean here, but I think you are referring to the use of a Reply-Message attribute that can be added to the user's profile to send back a string with your Access-Accept packet. Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --- Christopher Brotsos ([EMAIL PROTECTED]) Development Engineering StarNet/MegaPOP: http://www.megapop.net WX is wireless : http://www.starnetwx.net This message is sent in confidence to the addressees. It may contain privileged, proprietary, or confidential information. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User Configuartion Help and Interesting Scenario
Dear all, Sorry for the badly worded question which has caused a big confusion. I think I should explain the problem at hand instead of asking bits and pieces. I want to be able to use an authenication server which will receive a request. This request asks the authentication server to dynamically add the user and also generate a one time password. Then after the user is authenticated with that password it will be deleted. Therefore the question is, are there add on modules that can dynamically add a user and generate a one time password? But now that the only way to dynamically add a user is through a database (we do not want to even restart the auth server) therefore the main question is is there a module to generate a one time password (and also be able to delete the user after the password has been used?) Sorry for the confusion caused. THanks in advance, Alan From: Chris Brotsos [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: User Configuartion Help and Interesting Scenario Date: Wed, 27 Nov 2002 07:39:13 -0600 Alan, At 11:38 PM 11/27/2002 +1100, you wrote: Dear all, I have just installed radius 0.8 on my redhat 7.2 box. Being a total newbie I just wanted to know two things... 1) Firstly how do I add new users and then without restarting make radius reread the users file? Is there a configuration switch to allow me to do that? If it isnt possible, can i set up a database and do it that way? I just need to know how to dynamically add new users without restarting the radius server. Yes, you will need to use a database. 2) Is it possible for radius to also send back a string (password) back to the client instead of just accept-accept. Or will I have to set up another machine or program to do that? I am a little unsure of what you mean here, but I think you are referring to the use of a Reply-Message attribute that can be added to the user's profile to send back a string with your Access-Accept packet. Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _ The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html