Re: Expiration email
Thanks for the reply. I am also trying same but couldn't compare with the field on the database as Expiration attribute use character value. I wish someone give me any idea on comparing those parameter inside database. From: Marinko Tarlać mangi...@gmail.com To: freeradius-users@lists.freeradius.org Sent: Tuesday, December 6, 2011 1:33 PM Subject: Re: Expiration email If you're asking me, I wouldn't mess with freeradius. Maybe the better idea is to create a small cron script which can read the database and send email according to the date and the time diff you want (1, 2, 3 etc days before the expiration) On 12/6/2011 3:54 AM, john decot wrote: Hi, I am looking for how to send email before expiration of account. The value used for the expiration in radius is character format. So, I would like to know how to compare the expiration data and send email accordingly. Thanks in advance. John. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Expiration email
thanks Fajar, Let me give a try. From: Fajar A. Nugraha l...@fajar.net To: john decot johnde...@yahoo.com; FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tuesday, December 6, 2011 6:38 PM Subject: Re: Expiration email On Tue, Dec 6, 2011 at 7:22 PM, john decot johnde...@yahoo.com wrote: Thanks for the reply. I am also trying same but couldn't compare with the field on the database as Expiration attribute use character value. I wish someone give me any idea on comparing those parameter inside database. Several ways I can think of (completely untested): (1) Use http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html#function_str-to-date (or whatever equivalent function in your db) to convert the column to date before comparison (2) Pick a time to alert the user (e.g. ONE WEEK before expiration), then use whatever programming language of your choice (e.g. php) to convert the date into the format used in expiration attribute (e.g. using date_format). Then you only need to compare for exact string match. -- Fajar- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Expiration email
Hi, I am looking for how to send email before expiration of account. The value used for the expiration in radius is character format. So, I would like to know how to compare the expiration data and send email accordingly. Thanks in advance. John.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication Problem
Seems there.
select * from radcheck where username='bob';
+-+--+++-+
| id | username | attribute | op | value |
+-+--+++-+
| 386 | bob| Expiration | := | 25 Jun 2011 |
| 385 | bob| Simultaneous-Use | = | 1 |
| 384 | bob| Cleartext-Password | := | bob |
From: Tim Sylvester tim.sylves...@networkradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Tue, May 24, 2011 10:42:35 AM
Subject: RE: Authentication Problem
From:freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.org
[mailto:freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.org]
] On Behalf Of john decot
Sent: Monday, May 23, 2011 9:36 PM
To: FreeRadius users mailing list
Subject: Re: Authentication Problem
I have backup from working server but still not working
Please find the log:
success Log:
[sql]expand: %{User-Name} - rajnish
[sql] sql_set_user escaped user -- 'rajnish'
rlm_sql (sql): Reserving sql socket id: 3
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = BINARY '%{SQL-User-Name}' ORDER BY
id - SELECT id, username, attribute, value, op FROM radcheck
WHERE username = BINARY 'rajnish' ORDER BY id
[sql] User found in radcheck table
tim The user “rajnish” was found in the radcheck table …
[sql] expand: SELECT id, username, attribute, value, op FROM
radreply WHERE username = BINARY '%{SQL-User-Name}' ORDER BY
id - SELECT id, username, attribute, value, op FROM radreply
WHERE username = BINARY 'rajnish' ORDER BY id
[sql] expand: SELECT groupname FROM usergroup WHERE
username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT
groupname FROM usergroup WHERE username = BINARY 'rajnish'
ORDER BY priority
[sql] expand: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute, Value, op FROM
radgroupcheck WHERE groupname = '128kbps_Unlimited' ORDER
BY
id
[sql] User found in group 128kbps_Unlimited
[sql] expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute, value, op FROM
radgroupreply WHERE groupname = '128kbps_Unlimited' ORDER
BY
id
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
Failure Log:
[sql] expand: %{User-Name} - bob
[sql] sql_set_user escaped user -- 'bob'
rlm_sql (sql): Reserving sql socket id: 3
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = BINARY '%{SQL-User-Name}' ORDER BY
id - SELECT id, username, attribute, value, op FROM radcheck
WHERE username = BINARY 'bob' ORDER BY id
tim The user “bob” was not found in the radcheck table …
[sql] expand: SELECT groupname FROM usergroup WHERE
username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT
groupname FROM usergroup WHERE username = BINARY 'bob'
ORDER BY priority
[sql] expand: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute, Value, op FROM
radgroupcheck WHERE groupname = '256kbps_Unlimited' ORDER
BY
id
[sql] User found in group 256kbps_Unlimited
tim The user “bob” was found in the radgroup table …
[sql] expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute, value, op FROM
radgroupreply WHERE groupname = '256kbps_Unlimited' ORDER
BY
id
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
rlm_checkval: Could not find item named Calling-Station-Id in request
rlm_checkval: Could not find attribute named Calling-Station-Id in check pairs
++[station-check] returns notfound
rlm_checkval: Could not find item named NAS-Identifier in request
rlm_checkval: Could not find attribute named NAS-Identifier in check pairs
++[NAS-check] returns notfound
++[expiration] returns noop
rlm_logintime: Checking Login-Time: 'Su-Sa-2400'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
[pap] WARNING! No known good password found for the user. Authentication may
fail
Re: Authentication Problem
SELECT id, username, attribute, value, op FROM radcheck
WHERE
username = BINARY 'bob' ORDER BY id;
+-+--++-++
| id | username | attribute | value | op |
+-+--++-++
| 384 | bob| Cleartext-Password | bob | := |
| 385 | bob| Simultaneous-Use | 1 | = |
| 386 | bob| Expiration | 25 Jun 2011 | := |
+-+--++-++
3 rows in set (0.00 sec)
From: Tim Sylvester tim.sylves...@networkradius.com
To: john decot johnde...@yahoo.com; FreeRadius users mailing list
freeradius-users@lists.freeradius.org
Sent: Tue, May 24, 2011 1:08:55 PM
Subject: RE: Authentication Problem
What do you get when you run this query?
SELECT id, username, attribute, value, op FROM radcheck WHERE
username = BINARY 'bob' ORDER BY id
From:john decot [mailto:johnde...@yahoo.com]
Sent: Monday, May 23, 2011 11:24 PM
To: tim.sylves...@networkradius.com; FreeRadius users mailing list
Subject: Re: Authentication Problem
Seems there.
select * from radcheck where username='bob';
+-+--+++-+
| id | username | attribute | op | value |
+-+--+++-+
| 386 | bob| Expiration | := | 25 Jun 2011 |
| 385 | bob| Simultaneous-Use | = | 1 |
| 384 | bob| Cleartext-Password | := | bob |
From:Tim Sylvester tim.sylves...@networkradius.com
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Tue, May 24, 2011 10:42:35 AM
Subject: RE: Authentication Problem
From:freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.org
[mailto:freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.org]
] On Behalf Of john decot
Sent: Monday, May 23, 2011 9:36 PM
To: FreeRadius users mailing list
Subject: Re: Authentication Problem
I have backup from working server but still not working
Please find the log:
success Log:
[sql]expand: %{User-Name} - rajnish
[sql] sql_set_user escaped user -- 'rajnish'
rlm_sql (sql): Reserving sql socket id: 3
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = BINARY '%{SQL-User-Name}' ORDER BY
id - SELECT id, username, attribute, value, op FROM radcheck
WHERE username = BINARY 'rajnish' ORDER BY id
[sql] User found in radcheck table
tim The user “rajnish” was found in the radcheck table …
[sql] expand: SELECT id, username, attribute, value, op FROM
radreply WHERE username = BINARY '%{SQL-User-Name}' ORDER BY
id - SELECT id, username, attribute, value, op FROM radreply
WHERE username = BINARY 'rajnish' ORDER BY id
[sql] expand: SELECT groupname FROM usergroup WHERE
username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT
groupname FROM usergroup WHERE username = BINARY 'rajnish'
ORDER BY priority
[sql] expand: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute, Value, op FROM
radgroupcheck WHERE groupname = '128kbps_Unlimited' ORDER
BY
id
[sql] User found in group 128kbps_Unlimited
[sql] expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute, value, op FROM
radgroupreply WHERE groupname = '128kbps_Unlimited' ORDER
BY
id
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
Failure Log:
[sql] expand: %{User-Name} - bob
[sql] sql_set_user escaped user -- 'bob'
rlm_sql (sql): Reserving sql socket id: 3
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = BINARY '%{SQL-User-Name}' ORDER BY
id - SELECT id, username, attribute, value, op FROM radcheck
WHERE username = BINARY 'bob' ORDER BY id
tim The user “bob” was not found in the radcheck table …
[sql] expand: SELECT groupname FROM usergroup WHERE
username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT
groupname FROM usergroup WHERE username = BINARY 'bob'
ORDER BY priority
[sql] expand: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute
Re: Authentication Problem
Thats it .. Problem was in operator I changed it to := and it works. Thankyou Fajar From: Fajar A. Nugraha l...@fajar.net To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tue, May 24, 2011 2:17:51 PM Subject: Re: Authentication Problem On Tue, May 24, 2011 at 3:20 PM, john decot johnde...@yahoo.com wrote: SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY 'bob' ORDER BY id; +-+--++-++ | id | username | attribute | value | op | +-+--++-++ | 384 | bob| Cleartext-Password | bob | := | | 385 | bob| Simultaneous-Use | 1 | = | | 386 | bob| Expiration | 25 Jun 2011 | := | +-+--++-++ 3 rows in set (0.00 sec) That is odd. What happens when you remove Simultaneous-Use record for bob? -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication Problem
Hi , I have been using freeradius-server-2.1.10 . Dialupadmin is using for web based administration. It was working fine till yesterday. I have changed added attribute to check Max-All-Session. Then I have face problem of No authenticate method (Auth-Type) found for the request: Rejecting the user however the authorized section is working fine. After googling i have check with option default Auth-Type = Local but it was not success. this error occurs for new create user only , old user are authenticating normally. I have revert back my changes with removing attribute to check Max-All-Session but still the error exists. Please advise me. Regards, John- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication Problem
From: Fajar A. Nugraha l...@fajar.net To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tue, May 24, 2011 8:15:42 AM Subject: Re: Authentication Problem On Tue, May 24, 2011 at 9:20 AM, john decot johnde...@yahoo.com wrote: Hi , I have been using freeradius-server-2.1.10 . Dialupadmin is using for web based administration. It was working fine till yesterday. I have changed added attribute to check Max-All-Session. Then I have face problem of No authenticate method (Auth-Type) found for the request: Rejecting the user Max-All-Session alone should not cause that however the authorized section is working fine. After googling i have check with option default Auth-Type = Local but it was not success. Normally you should never have to mess with Auth-Type, unless you're doing some exotic setup (like LDAP bind with fallback to system user) this error occurs for new create user only , old user are authenticating normally. I have revert back my changes with removing attribute to check Max-All-Session but still the error exists. ... which again, simply confirms that Max-All-Session was not the cause of the problem Please advise me. You have changed something else and made it broken. Reverse that. I use git to record changes in /etc/raddb so I can have a record of what have changed. You might need something similar. In the mean time, see http://wiki.freeradius.org/index.php/FAQ#It_still_doesn.27t_work.21 Since you say only some users experience it, compare the log for both the working and non-working user. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication Problem
' ORDER BY id
[sql] expand: SELECT groupname FROM usergroup WHERE username
=
BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT groupname
FROM usergroup WHERE username = BINARY 'bob' ORDER BY
priority
[sql] expand: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute, Value, op FROM
radgroupcheck WHERE groupname = '256kbps_Unlimited' ORDER
BY
id
[sql] User found in group 256kbps_Unlimited
[sql] expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER
BY
id - SELECT id, groupname, attribute, value, op FROM
radgroupreply WHERE groupname = '256kbps_Unlimited' ORDER
BY
id
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
rlm_checkval: Could not find item named Calling-Station-Id in request
rlm_checkval: Could not find attribute named Calling-Station-Id in check pairs
++[station-check] returns notfound
rlm_checkval: Could not find item named NAS-Identifier in request
rlm_checkval: Could not find attribute named NAS-Identifier in check pairs
++[NAS-check] returns notfound
++[expiration] returns noop
rlm_logintime: Checking Login-Time: 'Su-Sa-2400'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
[pap] WARNING! No known good password found for the user. Authentication may
fail because of this.
++[pap] returns noop
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
++[noresetcounter] returns noop
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the
user
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} - bob
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 246 to 127.0.0.1 port 58102
Waking up in 4.6 seconds.
Rgds,
John
From: Fajar A. Nugraha l...@fajar.net
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Tue, May 24, 2011 8:15:42 AM
Subject: Re: Authentication Problem
On Tue, May 24, 2011 at 9:20 AM, john decot johnde...@yahoo.com wrote:
Hi ,
I have been using freeradius-server-2.1.10 . Dialupadmin is using for web
based administration. It was working fine till yesterday. I have changed
added attribute to check Max-All-Session. Then I have face problem of
No authenticate method (Auth-Type) found for the request: Rejecting the
user
Max-All-Session alone should not cause that
however the authorized section is working fine. After googling i have check
with option default Auth-Type = Local but it was not success.
Normally you should never have to mess with Auth-Type, unless you're
doing some exotic setup (like LDAP bind with fallback to system user)
this error
occurs for new create user only , old user are authenticating normally.
I have revert back my changes with removing attribute to check
Max-All-Session but still the error exists.
... which again, simply confirms that Max-All-Session was not the
cause of the problem
Please advise me.
You have changed something else and made it broken. Reverse that.
I use git to record changes in /etc/raddb so I can have a record of
what have changed. You might need something similar.
In the mean time, see
http://wiki.freeradius.org/index.php/FAQ#It_still_doesn.27t_work.21
Since you say only some users experience it, compare the log for both
the working and non-working user.
--
Fajar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radkill
Hi, I have problem with some user not being terminate even logout. After googling I came know about radkill. Can anyone post some howto about radkill. Thank you, Rgds, John. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Radkill
Is there any other tools to disconnect unwanted cache users we can try? John. --- On Sun, 12/19/10, Robin freerad...@itpm.net wrote: From: Robin freerad...@itpm.net Subject: RE: Radkill To: 'FreeRadius users mailing list' freeradius-users@lists.freeradius.org Date: Sunday, December 19, 2010, 8:17 PM You should read below link firstly. http://wiki.freeradius.org/index.php/FAQ#radkill Robin From: freeradius-users-bounces+freeradius=itpm@lists.freeradius.org [mailto:freeradius-users-bounces+freeradius=itpm@lists.freeradius.org] On Behalf Of john decot Sent: Monday, December 20, 2010 10:41 AM To: freeradius-users@lists.freeradius.org Subject: Radkill Hi, I have problem with some user not being terminate even logout. After googling I came know about radkill. Can anyone post some howto about radkill. Thank you, Rgds, John. -Inline Attachment Follows- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Unable to Authenticate users
Thanks for your reply Alan . --- On Fri, 12/17/10, Alan DeKok al...@deployingradius.com wrote: From: Alan DeKok al...@deployingradius.com Subject: Re: Unable to Authenticate users To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Date: Friday, December 17, 2010, 6:33 AM john decot wrote: Hi, I am planing to use freeradius for authentication for lan users. The following are the radcheck parameters: mysql select * from radcheck; ++--++++ | id | username | attribute | op | value | ++--++++ | 17 | test1 | User-Password | := | $1$q79.qtrm$gD6D4znw2uBGIU0K3mt/1/ | The data is a Crypt-Password, not a User-Password. | 9 | test | Cleartext-Password | := | password1234 | ++--++++ Why the heck do you have *two* passwords? Just use Cleartext-Password. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Unable to Authenticate users
Hi, I am planing to use freeradius for authentication for lan users. The following are the radcheck parameters: mysql select * from radcheck; ++--++++ | id | username | attribute | op | value | ++--++++ | 17 | test1 | User-Password | := | $1$q79.qtrm$gD6D4znw2uBGIU0K3mt/1/ | | 9 | test | Cleartext-Password | := | password1234 | ++--++++ 2 rows in set (0.00 sec) The user test can authenticate as it is clear text password but when i try to authenticate user test1 I got error like Found Auth-Type = CHAP !!! !!! Replacing User-Password in config items with Cleartext-Password. !!! !!! !!! Please update your configuration so that the known good !!! !!! clear text password is in Cleartext-Password, and not in User-Password. !!! !!! and failed. I would like to implement password with encrypted as user test1. So, could you please help me how to resolve this issue. Thanking you, Regards, John - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
