Can't start FreeRadius after 1st installation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear All, I am very new to FreeRadius. Just today, I have installed FreeRadius 1.13 from FreeBSD 6.0 (i386) ports. I am following this material from: http://www.onlamp.com/pub/a/onlamp/excerpt/radius_5/index1.html However when I try to start it using: radiusd -X, I get the following errors: Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc/raddb/proxy.conf Config: including file: /usr/local/etc/raddb/clients.conf Config: including file: /usr/local/etc/raddb/snmp.conf Config: including file: /usr/local/etc/raddb/eap.conf Config: including file: /usr/local/etc/raddb/sql.conf main: prefix = /usr/local main: localstatedir = /var main: logdir = /var/log main: libdir = /usr/local/lib main: radacctdir = /var/log/radacct main: hostname_lookups = no main: snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /var/log/radius.log main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /var/run/radiusd/radiusd.pid main: user = (null) main: group = (null) main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/local/sbin/checkrad main: proxy_requests = no proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients Using deprecated clients file. Support for this will go away soon. read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded exec exec: wait = yes exec: program = (null) exec: input_pairs = request exec: output_pairs = (null) exec: packet_type = (null) rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = crypt Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = /etc/passwd unix: shadow = /etc/shadow unix: group = /etc/group unix: radwtmp = /var/log/radwtmp unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Segmentation fault: 11 (core dumped) Can somebody shed some light on this issue? - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFFoMAnVrOl+eVhOvYRAkQZAJ4mnkYZj5EzStO36Yl07vCrp+KjGwCgoY0U eptcoO+IV9DavLvJDl/LXow= =rnIv -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can't start FreeRadius after 1st installation
Tek Bahadur Limbu wrote: Dear All, I am very new to FreeRadius. Just today, I have installed FreeRadius 1.13 from FreeBSD 6.0 (i386) ports. I am following this material from: http://www.onlamp.com/pub/a/onlamp/excerpt/radius_5/index1.html Why? That information is years out of date. The server comes with more up to date documentation. As for segmentation faults on FreeBSD, I suggest asking the FreeBSD port maintainer. It works fine on other systems, so the problem is something local. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Strip @domain.com before auth.
Hi, My problem is this. I would to strip the @domain from the username before the authentication takes place? how and where is this done? use could use the rewrite module alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Help with peap-eap/mschapv2
adreas Polyxronopoulos wrote: rad_recv: Access-Request packet from host 10.0.0.10:3794, id=160, length=132 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = someone Calling-Station-Id = 00166f122595 Called-Station-Id = 000d545c4190 NAS-Identifier = 3Com Access Point EAP-Message = 0x0201000c01736f6d656f6e65 Message-Authenticator = 0x160e121c6c28afb7f18ee9f0862390d0 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module preprocess returns ok for request 0 modcall[authorize]: module mschap returns noop for request 0 rlm_realm: No '@' in User-Name = someone, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop for request 0 rlm_eap: EAP packet type response id 1 length 12 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module eap returns updated for request 0 users: Matched entry DEFAULT at line 155 users: Matched entry someone at line 219 modcall[authorize]: module files returns ok for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type Local Don't set Auth-Type to Local. Don't set it to anything in fact. In 99% of cases, a correctly configured server will set it just fine itself, and attempting to fiddle with it will break things. Most likely one of the two entries in the users file in line 155 or 219 is causing it to break. Your users file only needs: usernameUser-Password := thepassword - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Can't start FreeRadius after 1st installation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 07 Jan 2007 05:09:02 -0500 Alan DeKok [EMAIL PROTECTED] wrote: Tek Bahadur Limbu wrote: Dear All, I am very new to FreeRadius. Just today, I have installed FreeRadius 1.13 from FreeBSD 6.0 (i386) ports. I am following this material from: http://www.onlamp.com/pub/a/onlamp/excerpt/radius_5/index1.html Why? That information is years out of date. The server comes with more up to date documentation. As for segmentation faults on FreeBSD, I suggest asking the FreeBSD port maintainer. It works fine on other systems, so the problem is something local. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Dear Alan, Thanks for you suggestions. I will get some help from the FreeBSD mailing list. But I have to get FreeRadius running on a FreeBSD box. Thanks for the 2 links you provided. I will be visiting the site (http://deployingradius.com) for more help. -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFFoN8OVrOl+eVhOvYRAilPAKCn4LtbX0vyTg66WqOu9iW3v5FJuACfe8tH anN9hEPwKiCs7blhU3r7pVg= =3gJZ -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Strip @domain.com before auth.
Thanks anyways, but I figured it out. STM [EMAIL PROTECTED] wrote: Hi, My problem is this. I would to strip the @domain from the username before the authentication takes place? how and where is this done? use could use the rewrite module alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
PHP coding request - give me a price
I have an mysql backend from my accounting program that contains all my user details. I need a php script that I can run from cron that will Import all new users into freeradius that aren't already in its mysql db If the user is already in the freeradius db then see if any information is changed and update it. If the user is no longer in my mysql accounting system then also either remove it from freeradius or expire the user. I have the sql select statement for my mysql accounting system with the relevant information. Anyone able to do this at a reasonable price then drop me an email. thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PHP coding request - give me a price
Sorry, Cory, I just realized you were in .au. I'm not able to make an international call from my current location. Please see inline comments below, however, as I want to make sure I am understanding things correctly. On 1/8/07, Cory Robson [EMAIL PROTECTED] wrote: I have an mysql backend from my accounting program that contains all my user details. This is a home-grown system that is completely independent of the FreeRADIUS database, correct? I'm assuming that your users are added to this database either manually by you (or others) or automatically by your sign-up system. This database should also contains all the information that I would need to get the users added into FreeRADIUS successfully (e.g. username/password details, etc.). I need a php script that I can run from cron that will Import all new users into freeradius that aren't already in its mysql db If the user is already in the freeradius db then see if any information is changed and update it. If the user is no longer in my mysql accounting system then also either remove it from freeradius or expire the user. You want to keep the databases in synch in both directions, correct? I have the sql select statement for my mysql accounting system with the relevant information. Anyone able to do this at a reasonable price then drop me an email. thanks This should be relatively straightforward and could be knocked out pretty easily. There are a few things I would need from you in order to complete this project: the schema of the database of your accounting system; an example row from this database; and the schema of the FreeRADIUS *if* you've modified it any from the default schema. As for price, assuming the complete scope of the project is as described above, I am offering to complete this project for you for $75.00 USD and can commit to having it completed by the end of this Friday -- it would likely be much sooner, but I prefer to allow myself plenty of time as often times other things seem to magically come up. Please let me know if you're interested or would like to discuss further. Thanks, -j -- Jeremy L. Gaddis, MCP, GCWN http://www.linuxwiz.net/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
overwriting ldap radiusprofile according to realms?
Hi list, we are storing our user data in openLDAP with a radiusProfileDN attribute, which is sent back by the freeradius server (v.1.1.3, on SLES10) as expected. The profile contains information for the vlan of user. We now would like to have the possibility to let the user login in a special vlan (the internetcafe) and thought of doing this with realms, which means the user has to login with username or [EMAIL PROTECTED], setting the following in the users file: /etc/raddb/users DEFAULT User-Name =~ @ic$, User-Profile := cn=InternetCafe,ou=Netconfig,o=Test This works if the users has no radiusprofileDN stored in LDAP, but if he has such an attribute the profile data from the user is used, not the cn=InternetCafe. How can I overwrite the value for radiusprofiledn if the user appends @ic to this username? Or is there a better way to achieve this (changing the profile data / vlan according to login)? Thanks in advance for any help! Reagards Markus -- Markus Krause email: [EMAIL PROTECTED] Mogli-Soft: Support for Mac OS X, Webmail/Horde, LDAP, RADIUS by order of the Computing Center of the Max-Planck-Institute of Biochemistry Tel.: 089 - 89 40 85 99 Fax.: 089 - 89 40 85 98 -- This message was sent using https://webmail2.biochem.mpg.de If you encounter any problems please report to [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html