Re: Help needed with Realms (Freeradius) Urgent!
Alright bro, after doing that i get a message that Error: WARNING: Possible DoS attack from host 172.16. 1.104: Too many attributes in request (received 201, max 200 are allowed). but after that it is ok any idea how to get rid of this error? tnt wrote: > > First line will check the password. You might need to add Auth-Type:= > Local there. On other lines you put reply items like Service-Type, > Framed-IP-Address etc. If there are items that are same for all users > put them in DEFAULT entry. Don't put Realm there or anywhere else in > users file. > > Ivan Kalik > Kalik Informatika ISP > > > Dana 18/3/2007, "virulence" <[EMAIL PROTECTED]> piše: > >> >>Alright so it's >> >>[EMAIL PROTECTED] Password := xyz >> Framed sdfds = sfsdffs >> Realm = company.com >> >>Am I getting it right? >> >> >>tnt wrote: >>> >>> Just change username from abc to [EMAIL PROTECTED] . If you don't strip >>> and put Realm = whatever as check item, username abc still won't match. >>> >>> Ivan Kalik >>> Kalik Informatika ISP >>> >>> >>> Dana 18/3/2007, "virulence" <[EMAIL PROTECTED]> piĹĄe: >>> So sorry, there was a misunderstanding in what was allocated to me and I would try what you said when I get back to office on Monday. Btw, for the realms, the configuration is just by putting nostrip under >>the realm as in the proxy.conf but for the users file, would putting realm = company.com work for binding realm @company.com to abc user for example. Or may I know what is the full configuration. Sorry for the trouble as this is the first time I'm using freeradius. Thanks Alan DeKok-4 wrote: > > virulence wrote: >> But however, I needed the realms to be stripped as all my users auth >> by >> only >> their username and password... Is there another way of doing it? > > If you're insisting that the realms MUST be stripped, then you will > have the problem you noted, which you say you don't want. The problem > is a direct result of your requirement that the realms be stripped. > > The message you responded to told you how to solve the problem. Try > the method that was suggested to you. Alternately, if you're not > going > to follow the help given on this list, I'm not sure why you're asking > for help. > > Alan DeKok. > -- > http://deployingradius.com - The web site of the book > http://deployingradius.com/blog/ - The blog > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- View this message in context: >>http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9537046 Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See >>http://www.freeradius.org/list/users.html >>> >>> - >>> List info/subscribe/unsubscribe? See >>> http://www.freeradius.org/list/users.html >>> >>> >> >>-- >>View this message in context: http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9539717 >>Sent from the FreeRadius - User mailing list archive at Nabble.com. >> >> >>- >>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- View this message in context: http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9545306 Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How do I not set Auth-Type?
Alan DeKok wrote: > > In addition, if anyone can figure out a clear way to configure this in > the server, I'd like to know... How about a config item like so: usernamePap-Auth-DelegateTo := "moduleinstancename" and make rlm_pap the ONLY valid option in authorize/authenticate. rlm_pap, when called in authenticate, checks if the config item is set. If so, it finds the given module instance and passes the authenticate request to it. Many of the "oracles" (nice name) need little or no code to be executed in authorize. LDAP is about the only one I can think of. I could see this having real use in other situations - it would obviate the need for Autz-Type in some "merger" situations. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication against an executable and mysql
--- Kenneth Penza <[EMAIL PROTECTED]> wrote:
> People,
>
> How can I make the RADIUS server check that two
> conditions, the result of the authentication against
> MySQL (already working) and on the exit status of an
> executable (the executable that sets the exit status
> depending on the outcomes of the check). I want the
> authentication to success if both tests are
> successful
> otherwise I want it to fail.
>
>
> Regards
> Kenneth
>
>
>
>
>
> Bored stiff? Loosen up...
> Download and play hundreds of games for free on
> Yahoo! Games.
> http://games.yahoo.com/games/front
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
I am trying to get user authenticated against a
shell script. I have added the following configuration
to freeradius:
under the modules section i have added
exec myauth {
wait = yes
program =
"/etc/raddb/myscripts/auth.sh %{User-Name}"
input_pairs = request
output_pairs = reply
packet_type = Access-Request
}
and under the authorize section I have added
myauth
The contents of the script:
[EMAIL PROTECTED] raddb]# cat /etc/raddb/myscripts/auth.sh
#!/bin/bash
echo $1 >> /tmp/myauth.out
exit 0
[EMAIL PROTECTED] raddb]#
On restarting the server,and attempting to connect to
the radius server I get
[EMAIL PROTECTED] ~]# echo
"User-Name=user1,User-Password=pass1" |radclient -x
localhost:1812 auth testing123
Sending Access-Request of id 244 to 127.0.0.1:1812
User-Name = "user1"
User-Password = "pass1"
rad_recv: Access-Reject packet from host
127.0.0.1:1812, id=244, length=20
[EMAIL PROTECTED] ~]#
and in the session from I have started he radius
server using /usr/sbin/radiusd -X -A
I get:
Ready to process requests.
rad_recv: Access-Request packet from host
127.0.0.1:32772, id=244, length=45
User-Name = "user1"
User-Password = "pass1"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok
for request 0
modcall[authorize]: module "chap" returns noop for
request 0
modcall[authorize]: module "mschap" returns noop for
request 0
rlm_realm: No '@' in User-Name = "user1", looking
up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for
request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for
request 0
radius_xlat: '/etc/raddb/myscripts/auth.sh user1'
Exec-Program: /etc/raddb/myscripts/auth.sh user1
Exec-Program output:
Exec-Program: returned: 0
modcall[authorize]: module "myauth" returns ok for
request 0
modcall: group authorize returns ok for request 0
auth: No authenticate method (Auth-Type) configuration
found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [user1/pass1] (from client localhost
port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 244 to 127.0.0.1:32772
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 244 with timestamp 45fd3d21
Nothing to do. Sleeping until we see a request.
I am missing some configuration?
Thanks in advance for you help
Kenneth
8:00? 8:25? 8:40? Find a flick in no time
with the Yahoo! Search movie showtime shortcut.
http://tools.search.yahoo.com/shortcuts/#news
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: howto define Auth-Type in perl script?
Zitat von Tomas Hoger <[EMAIL PROTECTED]>:
> On 3/18/07, Markus Krause <[EMAIL PROTECTED]> wrote:
>> i am writing a perl script to authorize and authenticate users.
>> authorization works (so the script itself works and seems to be used
>> by freeradius as expected) but as i do not know how to define the
>> Auth-Type with the perl script i get the following error message "no
>> Auth-Type found" when running radiusd -XAs.
>> How can i set "Auth-Type" from a perl script or how is this done correctly?
>
> $RAD_CHECK{'Auth-Type'}= 'FOO';
>
> th.
thanks a lot, that works! (embarassing how easy that was!)
with best regards
markus
+-+
| Markus Krause, Mogli-Soft |
| Support for Mac OS X, Webmail/Horde, LDAP, RADIUS, MySQL|
| by order of the |
|Computing Center of the Max-Planck-Institute of Biochemistry |
+++
| E-Mail: [EMAIL PROTECTED] | Tel.: 089 - 89 40 85 99 |
| [EMAIL PROTECTED] | Fax.: 089 - 89 40 85 98 |
| Skype: markus.krause | iChat: [EMAIL PROTECTED] |
+++
--
This message was sent using https://webmail2.biochem.mpg.de
If you encounter any problems please report to [EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Help needed with Realms (Freeradius) Urgent!
First line will check the password. You might need to add Auth-Type:= Local there. On other lines you put reply items like Service-Type, Framed-IP-Address etc. If there are items that are same for all users put them in DEFAULT entry. Don't put Realm there or anywhere else in users file. Ivan Kalik Kalik Informatika ISP Dana 18/3/2007, "virulence" <[EMAIL PROTECTED]> piše: > >Alright so it's > >[EMAIL PROTECTED] Password := xyz > Framed sdfds = sfsdffs > Realm = company.com > >Am I getting it right? > > >tnt wrote: >> >> Just change username from abc to [EMAIL PROTECTED] . If you don't strip >> and put Realm = whatever as check item, username abc still won't match. >> >> Ivan Kalik >> Kalik Informatika ISP >> >> >> Dana 18/3/2007, "virulence" <[EMAIL PROTECTED]> piĹĄe: >> >>> >>>So sorry, there was a misunderstanding in what was allocated to me and I >>>would try what you said when I get back to office on Monday. >>> >>>Btw, for the realms, the configuration is just by putting nostrip under >the >>>realm as in the proxy.conf >>>but for the users file, would putting realm = company.com work for binding >>>realm @company.com to abc user for example. Or may I know what is the full >>>configuration. Sorry for the trouble as this is the first time I'm using >>>freeradius. Thanks >>> >>> >>> >>>Alan DeKok-4 wrote: virulence wrote: > But however, I needed the realms to be stripped as all my users auth by > only > their username and password... Is there another way of doing it? If you're insisting that the realms MUST be stripped, then you will have the problem you noted, which you say you don't want. The problem is a direct result of your requirement that the realms be stripped. The message you responded to told you how to solve the problem. Try the method that was suggested to you. Alternately, if you're not going to follow the help given on this list, I'm not sure why you're asking for help. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html >>> >>>-- >>>View this message in context: >http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9537046 >>>Sent from the FreeRadius - User mailing list archive at Nabble.com. >>> >>>- >>>List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html >>> >>> >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> >> > >-- >View this message in context: >http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9539717 >Sent from the FreeRadius - User mailing list archive at Nabble.com. > > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: howto define Auth-Type in perl script?
On 3/18/07, Markus Krause <[EMAIL PROTECTED]> wrote:
> i am writing a perl script to authorize and authenticate users.
> authorization works (so the script itself works and seems to be used
> by freeradius as expected) but as i do not know how to define the
> Auth-Type with the perl script i get the following error message "no
> Auth-Type found" when running radiusd -XAs.
> How can i set "Auth-Type" from a perl script or how is this done correctly?
$RAD_CHECK{'Auth-Type'}= 'FOO';
th.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problem with fr1.1.5
Hi everyone, I download freeradius1.1.5 and compiled with no problem on my FC4, but when I try to start radiusd, I got: [EMAIL PROTECTED] freeradius-1.1.5]# radiusd bash: radiusd: command not found [EMAIL PROTECTED] freeradius-1.1.5]# whereis radiusd radiusd: /usr/local/sbin/radiusd [EMAIL PROTECTED] freeradius-1.1.5]# /usr/local/sbin/radiusd Mon Mar 19 07:35:06 2007 : Info: Starting - reading configuration files ... *** glibc detected *** /usr/local/sbin/radiusd: double free or corruption (fasttop): 0x09557e68 *** === Backtrace: = /lib/libc.so.6[0x5b1424] /lib/libc.so.6(__libc_free+0x77)[0x5b195f] /usr/local/lib/libltdl.so.3[0x692a50] /usr/local/lib/libltdl.so.3(lt_dlopenext+0xc3)[0x69351f] /usr/local/sbin/radiusd(find_module_instance+0x1bd)[0xc84fb5] /usr/local/sbin/radiusd(setup_modules+0x1c0)[0xc857b0] /usr/local/sbin/radiusd(main+0x3b0)[0xc88814] /lib/libc.so.6(__libc_start_main+0xc6)[0x562de6] /usr/local/sbin/radiusd[0xc7dcb5] === Memory map: 00111000-0012b000 r-xp 08:02 2710181 /lib/ld-2.3.5.so 0012b000-0012c000 r--p 00019000 08:02 2710181 /lib/ld-2.3.5.so 0012c000-0012d000 rw-p 0001a000 08:02 2710181 /lib/ld-2.3.5.so 0012d000-0013c000 r-xp 08:02 2710187 /lib/libresolv-2.3.5.so 0013c000-0013d000 r--p e000 08:02 2710187 /lib/libresolv-2.3.5.so 0013d000-0013e000 rw-p f000 08:02 2710187 /lib/libresolv-2.3.5.so 0013e000-0014 rw-p 0013e000 00:00 0 0014-0014e000 r-xp 08:02 2710185 /lib/libpthread-2.3.5.so 0014e000-0014f000 r--p d000 08:02 2710185 /lib/libpthread-2.3.5.so 0014f000-0015 rw-p e000 08:02 2710185 /lib/libpthread-2.3.5.so 0015-00152000 rw-p 0015 00:00 0 00152000-00165000 r-xp 08:05 1763352 /usr/local/lib/libradius- 1.1.5.so 00165000-00166000 rw-p 00013000 08:05 1763352 /usr/local/lib/libradius- 1.1.5.so 00166000-00167000 rw-p 00166000 00:00 0 00167000-0019c000 r-xp 08:02 2710192 /lib/libssl.so.0.9.7f 0019c000-0019f000 rw-p 00035000 08:02 2710192 /lib/libssl.so.0.9.7f 0019f000-00297000 r-xp 08:02 2710191 /lib/libcrypto.so.0.9.7f 00297000-002a9000 rw-p 000f8000 08:02 2710191 /lib/libcrypto.so.0.9.7f 002a9000-002ac000 rw-p 002a9000 00:00 0 002ac000-0031b000 r-xp 08:05 4116627 /usr/lib/libkrb5.so.3.2 0031b000-0031e000 rw-p 0006e000 08:05 4116627 /usr/lib/libkrb5.so.3.2 0031e000-0032 r-xp 08:05 1763454 /usr/local/lib/rlm_exec- 1.1.5.so 0032-00321000 rw-p 1000 08:05 1763454 /usr/local/lib/rlm_exec- 1.1.5.so 0034-00363000 r-xp 08:05 4116626 /usr/lib/libk5crypto.so.3.0 00363000-00364000 rw-p 00023000 08:05 4116626 /usr/lib/libk5crypto.so.3.0 0054e000-00672000 r-xp 08:02 2710182 /lib/libc-2.3.5.so 00672000-00674000 r--p 00124000 08:02 2710182 /lib/libc-2.3.5.so 00674000-00676000 rw-p 00126000 08:02 2710182 /lib/libc-2.3.5.so 00676000-00678000 rw-p 00676000 00:00 0 0068c000-0068e000 r-xp 08:02 2710184 /lib/libdl-2.3.5.so 0068e000-0068f000 r--p 1000 08:02 2710184 /lib/libdl-2.3.5.so 0068f000-0069 rw-p 2000 08:02 2710184 /lib/libdl-2.3.5.so 0069-00695000 r-xp 08:05 1763347 /usr/local/lib/libltdl.so.3.1.4 00695000-00696000 rw-p 4000 08:05 1763347 /usr/local/lib/libltdl.so.3.1.4 006b-006c2000 r-xp 08:02 2710193 /lib/libnsl-2.3.5.so 006c2000-006c3000 r--p 00011000 08:02 2710193 /lib/libnsl-2.3.5.so 006c3000-006c4000 rw-p 00012000 08:02 2710193 /lib/libnsl-2.3.5.so 006c4000-006c6000 rw-p 006c4000 00:00 0 006e-006e5000 r-xp 08:02 2710199 /lib/libcrypt-2.3.5.so 006e5000-006e6000 r--p 4000 08:02 2710199 /lib/libcrypt-2.3.5.so 006e6000-006e7000 rw-p 5000 08:02 2710199 /lib/libcrypt-2.3.5.so 006e7000-0070e000 rw-p 006e7000 00:00 0 0099f000-009a1000 r-xp 08:02 2710190 /lib/libcom_err.so.2.1 009a1000-009a2000 rw-p 1000 08:02 2710190 /lib/libcom_err.so.2.1 00c79000-00c95000 r-xp 08:05 1763568 /usr/local/sbin/radiusd 00c95000-00c96000 rw-p 0001c000 08:05 1763568 /usr/local/sbin/radiusd 00c96000-00c97000 rw-p 00c96000 00:00 0 00cb1000-00cba000 r-xp 08:02 2709173 /lib/libnss_files-2.3.5.so 00cba000-00cbb000 r--p 8000 08:02 2709173 /lib/libnss_files-2.3.5.so 00cbb000-00cbc000 rw-p 9000 08:02 2709173 /lib/libnss_files-2.3.5.so 00de7000-00de8000 r-xp 00de7000 00:00 0 00dfc000-00dfe000 r-xp 08:05 4115774 /usr/lib/libkrb5support.so.0.0 00dfe000-00dff000 rw-p 1000 08:05 4115774 /usr/lib/libkrb5support.so.0.0 00dff000-00e15000 r-xp 08:05 4116628 /usr/lib/libgssapi_krb5.so.2.2 00e15000-00e16000 rw-p 00016000 08:05 4116628 /usr/lib/libgssapi_krb5.so.2.2 00f56000-00f5f000 r-xp 08:02 2710186 /lib/libgcc_s- 4.0.0-20050520.so.1 00f5f000-00f6 rw-p 9000 08:02 2710186 /lib/libgcc_s- 4.0.0-20050520.so.1 00f7-00f82000 r-xp 08:05 4116618 /usr/lib/libz.so.1.2.2.2 00f82000-00f83000 rw-p 00011000 08:05 4116618 /usr/lib/libz.so.1.2.2.2 094e8000-095cf000 rw-p 094e8000 00:00 0 [heap] b7d0-b7d21000 rw-p b7d0 00:
howto define Auth-Type in perl script?
Hi list! i am writing a perl script to authorize and authenticate users. authorization works (so the script itself works and seems to be used by freeradius as expected) but as i do not know how to define the Auth-Type with the perl script i get the following error message "no Auth-Type found" when running radiusd -XAs. How can i set "Auth-Type" from a perl script or how is this done correctly? Thanks in advance for any hints! regards, markus +-+ | Markus Krause, Mogli-Soft | | Support for Mac OS X, Webmail/Horde, LDAP, RADIUS, MySQL| | by order of the | |Computing Center of the Max-Planck-Institute of Biochemistry | +++ | E-Mail: [EMAIL PROTECTED] | Tel.: 089 - 89 40 85 99 | | [EMAIL PROTECTED] | Fax.: 089 - 89 40 85 98 | | Skype: markus.krause | iChat: [EMAIL PROTECTED] | +++ -- This message was sent using https://webmail2.biochem.mpg.de If you encounter any problems please report to [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication against an executable and mysql
--- Kenneth Penza <[EMAIL PROTECTED]> wrote:
> People,
>
> How can I make the RADIUS server check that two
> conditions, the result of the authentication against
> MySQL (already working) and on the exit status of an
> executable (the executable that sets the exit status
> depending on the outcomes of the check). I want the
> authentication to success if both tests are
> successful
> otherwise I want it to fail.
>
>
> Regards
> Kenneth
>
>
>
>
>
> Bored stiff? Loosen up...
> Download and play hundreds of games for free on
> Yahoo! Games.
> http://games.yahoo.com/games/front
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
I am trying to get user authenticated against a
shell script. I have added the following configuration
to freeradius:
under the modules section i have added
exec myauth {
wait = yes
program =
"/etc/raddb/myscripts/auth.sh %{User-Name}"
input_pairs = request
output_pairs = reply
packet_type = Access-Request
}
and under the authorize section I have added
myauth
The contents of the script:
[EMAIL PROTECTED] raddb]# cat /etc/raddb/myscripts/auth.sh
#!/bin/bash
echo $1 >> /tmp/myauth.out
exit 0
[EMAIL PROTECTED] raddb]#
On restarting the server,and attempting to connect to
the radius server I get
[EMAIL PROTECTED] ~]# echo
"User-Name=user1,User-Password=pass1" |radclient -x
localhost:1812 auth testing123
Sending Access-Request of id 244 to 127.0.0.1:1812
User-Name = "user1"
User-Password = "pass1"
rad_recv: Access-Reject packet from host
127.0.0.1:1812, id=244, length=20
[EMAIL PROTECTED] ~]#
and in the session from I have started he radius
server using /usr/sbin/radiusd -X -A
I get:
Ready to process requests.
rad_recv: Access-Request packet from host
127.0.0.1:32772, id=244, length=45
User-Name = "user1"
User-Password = "pass1"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok
for request 0
modcall[authorize]: module "chap" returns noop for
request 0
modcall[authorize]: module "mschap" returns noop for
request 0
rlm_realm: No '@' in User-Name = "user1", looking
up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for
request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for
request 0
radius_xlat: '/etc/raddb/myscripts/auth.sh user1'
Exec-Program: /etc/raddb/myscripts/auth.sh user1
Exec-Program output:
Exec-Program: returned: 0
modcall[authorize]: module "myauth" returns ok for
request 0
modcall: group authorize returns ok for request 0
auth: No authenticate method (Auth-Type) configuration
found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [user1/pass1] (from client localhost
port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 244 to 127.0.0.1:32772
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 244 with timestamp 45fd3d21
Nothing to do. Sleeping until we see a request.
I am missing some configuration?
Thanks in advance for you help
Kenneth
It's here! Your new message!
Get new email alerts with the free Yahoo! Toolbar.
http://tools.search.yahoo.com/toolbar/features/mail/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Help needed with Realms (Freeradius) Urgent!
Alright so it's [EMAIL PROTECTED] Password := xyz Framed sdfds = sfsdffs Realm = company.com Am I getting it right? tnt wrote: > > Just change username from abc to [EMAIL PROTECTED] . If you don't strip > and put Realm = whatever as check item, username abc still won't match. > > Ivan Kalik > Kalik Informatika ISP > > > Dana 18/3/2007, "virulence" <[EMAIL PROTECTED]> piše: > >> >>So sorry, there was a misunderstanding in what was allocated to me and I >>would try what you said when I get back to office on Monday. >> >>Btw, for the realms, the configuration is just by putting nostrip under the >>realm as in the proxy.conf >>but for the users file, would putting realm = company.com work for binding >>realm @company.com to abc user for example. Or may I know what is the full >>configuration. Sorry for the trouble as this is the first time I'm using >>freeradius. Thanks >> >> >> >>Alan DeKok-4 wrote: >>> >>> virulence wrote: But however, I needed the realms to be stripped as all my users auth by only their username and password... Is there another way of doing it? >>> >>> If you're insisting that the realms MUST be stripped, then you will >>> have the problem you noted, which you say you don't want. The problem >>> is a direct result of your requirement that the realms be stripped. >>> >>> The message you responded to told you how to solve the problem. Try >>> the method that was suggested to you. Alternately, if you're not going >>> to follow the help given on this list, I'm not sure why you're asking >>> for help. >>> >>> Alan DeKok. >>> -- >>> http://deployingradius.com - The web site of the book >>> http://deployingradius.com/blog/ - The blog >>> - >>> List info/subscribe/unsubscribe? See >>> http://www.freeradius.org/list/users.html >>> >>> >> >>-- >>View this message in context: http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9537046 >>Sent from the FreeRadius - User mailing list archive at Nabble.com. >> >>- >>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html >> >> > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- View this message in context: http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9539717 Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Help needed with Realms (Freeradius) Urgent!
Just change username from abc to [EMAIL PROTECTED] . If you don't strip and put Realm = whatever as check item, username abc still won't match. Ivan Kalik Kalik Informatika ISP Dana 18/3/2007, "virulence" <[EMAIL PROTECTED]> piše: > >So sorry, there was a misunderstanding in what was allocated to me and I >would try what you said when I get back to office on Monday. > >Btw, for the realms, the configuration is just by putting nostrip under the >realm as in the proxy.conf >but for the users file, would putting realm = company.com work for binding >realm @company.com to abc user for example. Or may I know what is the full >configuration. Sorry for the trouble as this is the first time I'm using >freeradius. Thanks > > > >Alan DeKok-4 wrote: >> >> virulence wrote: >>> But however, I needed the realms to be stripped as all my users auth by >>> only >>> their username and password... Is there another way of doing it? >> >> If you're insisting that the realms MUST be stripped, then you will >> have the problem you noted, which you say you don't want. The problem >> is a direct result of your requirement that the realms be stripped. >> >> The message you responded to told you how to solve the problem. Try >> the method that was suggested to you. Alternately, if you're not going >> to follow the help given on this list, I'm not sure why you're asking >> for help. >> >> Alan DeKok. >> -- >> http://deployingradius.com - The web site of the book >> http://deployingradius.com/blog/ - The blog >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> >> > >-- >View this message in context: >http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9537046 >Sent from the FreeRadius - User mailing list archive at Nabble.com. > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Help needed with Realms (Freeradius) Urgent!
So sorry, there was a misunderstanding in what was allocated to me and I would try what you said when I get back to office on Monday. Btw, for the realms, the configuration is just by putting nostrip under the realm as in the proxy.conf but for the users file, would putting realm = company.com work for binding realm @company.com to abc user for example. Or may I know what is the full configuration. Sorry for the trouble as this is the first time I'm using freeradius. Thanks Alan DeKok-4 wrote: > > virulence wrote: >> But however, I needed the realms to be stripped as all my users auth by >> only >> their username and password... Is there another way of doing it? > > If you're insisting that the realms MUST be stripped, then you will > have the problem you noted, which you say you don't want. The problem > is a direct result of your requirement that the realms be stripped. > > The message you responded to told you how to solve the problem. Try > the method that was suggested to you. Alternately, if you're not going > to follow the help given on this list, I'm not sure why you're asking > for help. > > Alan DeKok. > -- > http://deployingradius.com - The web site of the book > http://deployingradius.com/blog/ - The blog > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- View this message in context: http://www.nabble.com/Help-needed-with-Realms-%28Freeradius%29-Urgent%21-tf3412705.html#a9537046 Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re : version 2; I cant wait
Alan, great, I cant wait for the magic ..:-). == Benjamin K. Eshun - Message d'origine De : Alan DeKok <[EMAIL PROTECTED]> À : FreeRadius users mailing list Envoyé le : Samedi, 17 Mars 2007, 17h46mn 18s Objet : Re: version 2 Norbert Wegener wrote: > On http://wiki.freeradius.org/Fail-over > I find an interesting feature, that would be very useful in some > configurations: ... > As mentioned there, it is available in version 2 of the server. > Is it already foreseeable, when approximately the version 2 of > freeradius will be available? Soon. I know I've been saying that for a while (too long now), but it looks pretty good. I have some code that has cleaned up a lot of the odd things in the server core, so I'm much more comfortable releasing a 2.0. So far, the features look like: - if/then/else in radiusd.conf - full IPv6 support - much more stable handling of home servers - separation of realms from home servers - addition of "home server pools", for failover & load balancing - magic feature 1 - magic feature 2 - :) I won't say what the magic features are. One will cause mild surprise. The other will cause great surprise. My plan right now is to test the code privately with a few early adopters who are sworn to secrecy. Once it looks like it works, the code will be made public, and a 2.0-pre0 will be announced. From my research on Google, the features will quadruple FreeRADIUS's potential install base. The features will also enable network administrators to do things that are currently impossible to do with open source software. And it looks like it's only 3k-4k lines of code. :) Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ___ Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses http://fr.answers.yahoo.com- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
