Re: Expiration email
Thanks for the reply. I am also trying same but couldn't compare with the field on the database as Expiration attribute use character value. I wish someone give me any idea on comparing those parameter inside database. From: Marinko Tarlać mangi...@gmail.com To: freeradius-users@lists.freeradius.org Sent: Tuesday, December 6, 2011 1:33 PM Subject: Re: Expiration email If you're asking me, I wouldn't mess with freeradius. Maybe the better idea is to create a small cron script which can read the database and send email according to the date and the time diff you want (1, 2, 3 etc days before the expiration) On 12/6/2011 3:54 AM, john decot wrote: Hi, I am looking for how to send email before expiration of account. The value used for the expiration in radius is character format. So, I would like to know how to compare the expiration data and send email accordingly. Thanks in advance. John. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Expiration email
thanks Fajar, Let me give a try. From: Fajar A. Nugraha l...@fajar.net To: john decot johnde...@yahoo.com; FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tuesday, December 6, 2011 6:38 PM Subject: Re: Expiration email On Tue, Dec 6, 2011 at 7:22 PM, john decot johnde...@yahoo.com wrote: Thanks for the reply. I am also trying same but couldn't compare with the field on the database as Expiration attribute use character value. I wish someone give me any idea on comparing those parameter inside database. Several ways I can think of (completely untested): (1) Use http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html#function_str-to-date (or whatever equivalent function in your db) to convert the column to date before comparison (2) Pick a time to alert the user (e.g. ONE WEEK before expiration), then use whatever programming language of your choice (e.g. php) to convert the date into the format used in expiration attribute (e.g. using date_format). Then you only need to compare for exact string match. -- Fajar- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Expiration email
Hi, I am looking for how to send email before expiration of account. The value used for the expiration in radius is character format. So, I would like to know how to compare the expiration data and send email accordingly. Thanks in advance. John.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication Problem
Seems there. select * from radcheck where username='bob'; +-+--+++-+ | id | username | attribute | op | value | +-+--+++-+ | 386 | bob| Expiration | := | 25 Jun 2011 | | 385 | bob| Simultaneous-Use | = | 1 | | 384 | bob| Cleartext-Password | := | bob | From: Tim Sylvester tim.sylves...@networkradius.com To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tue, May 24, 2011 10:42:35 AM Subject: RE: Authentication Problem From:freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.org [mailto:freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.org] ] On Behalf Of john decot Sent: Monday, May 23, 2011 9:36 PM To: FreeRadius users mailing list Subject: Re: Authentication Problem I have backup from working server but still not working Please find the log: success Log: [sql]expand: %{User-Name} - rajnish [sql] sql_set_user escaped user -- 'rajnish' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY '%{SQL-User-Name}' ORDER BY id - SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY 'rajnish' ORDER BY id [sql] User found in radcheck table tim The user “rajnish” was found in the radcheck table … [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = BINARY '%{SQL-User-Name}' ORDER BY id - SELECT id, username, attribute, value, op FROM radreply WHERE username = BINARY 'rajnish' ORDER BY id [sql] expand: SELECT groupname FROM usergroup WHERE username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT groupname FROM usergroup WHERE username = BINARY 'rajnish' ORDER BY priority [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '128kbps_Unlimited' ORDER BY id [sql] User found in group 128kbps_Unlimited [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '128kbps_Unlimited' ORDER BY id rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok Failure Log: [sql] expand: %{User-Name} - bob [sql] sql_set_user escaped user -- 'bob' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY '%{SQL-User-Name}' ORDER BY id - SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY 'bob' ORDER BY id tim The user “bob” was not found in the radcheck table … [sql] expand: SELECT groupname FROM usergroup WHERE username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT groupname FROM usergroup WHERE username = BINARY 'bob' ORDER BY priority [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '256kbps_Unlimited' ORDER BY id [sql] User found in group 256kbps_Unlimited tim The user “bob” was found in the radgroup table … [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '256kbps_Unlimited' ORDER BY id rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok rlm_checkval: Could not find item named Calling-Station-Id in request rlm_checkval: Could not find attribute named Calling-Station-Id in check pairs ++[station-check] returns notfound rlm_checkval: Could not find item named NAS-Identifier in request rlm_checkval: Could not find attribute named NAS-Identifier in check pairs ++[NAS-check] returns notfound ++[expiration] returns noop rlm_logintime: Checking Login-Time: 'Su-Sa-2400' rlm_logintime: timestr returned unlimited ++[logintime] returns ok [pap] WARNING! No known good password found for the user. Authentication may fail
Re: Authentication Problem
SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY 'bob' ORDER BY id; +-+--++-++ | id | username | attribute | value | op | +-+--++-++ | 384 | bob| Cleartext-Password | bob | := | | 385 | bob| Simultaneous-Use | 1 | = | | 386 | bob| Expiration | 25 Jun 2011 | := | +-+--++-++ 3 rows in set (0.00 sec) From: Tim Sylvester tim.sylves...@networkradius.com To: john decot johnde...@yahoo.com; FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tue, May 24, 2011 1:08:55 PM Subject: RE: Authentication Problem What do you get when you run this query? SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY 'bob' ORDER BY id From:john decot [mailto:johnde...@yahoo.com] Sent: Monday, May 23, 2011 11:24 PM To: tim.sylves...@networkradius.com; FreeRadius users mailing list Subject: Re: Authentication Problem Seems there. select * from radcheck where username='bob'; +-+--+++-+ | id | username | attribute | op | value | +-+--+++-+ | 386 | bob| Expiration | := | 25 Jun 2011 | | 385 | bob| Simultaneous-Use | = | 1 | | 384 | bob| Cleartext-Password | := | bob | From:Tim Sylvester tim.sylves...@networkradius.com To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tue, May 24, 2011 10:42:35 AM Subject: RE: Authentication Problem From:freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.org [mailto:freeradius-users-bounces+tim.sylvester=networkradius@lists.freeradius.org] ] On Behalf Of john decot Sent: Monday, May 23, 2011 9:36 PM To: FreeRadius users mailing list Subject: Re: Authentication Problem I have backup from working server but still not working Please find the log: success Log: [sql]expand: %{User-Name} - rajnish [sql] sql_set_user escaped user -- 'rajnish' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY '%{SQL-User-Name}' ORDER BY id - SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY 'rajnish' ORDER BY id [sql] User found in radcheck table tim The user “rajnish” was found in the radcheck table … [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = BINARY '%{SQL-User-Name}' ORDER BY id - SELECT id, username, attribute, value, op FROM radreply WHERE username = BINARY 'rajnish' ORDER BY id [sql] expand: SELECT groupname FROM usergroup WHERE username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT groupname FROM usergroup WHERE username = BINARY 'rajnish' ORDER BY priority [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '128kbps_Unlimited' ORDER BY id [sql] User found in group 128kbps_Unlimited [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '128kbps_Unlimited' ORDER BY id rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok Failure Log: [sql] expand: %{User-Name} - bob [sql] sql_set_user escaped user -- 'bob' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY '%{SQL-User-Name}' ORDER BY id - SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY 'bob' ORDER BY id tim The user “bob” was not found in the radcheck table … [sql] expand: SELECT groupname FROM usergroup WHERE username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT groupname FROM usergroup WHERE username = BINARY 'bob' ORDER BY priority [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute
Re: Authentication Problem
Thats it .. Problem was in operator I changed it to := and it works. Thankyou Fajar From: Fajar A. Nugraha l...@fajar.net To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tue, May 24, 2011 2:17:51 PM Subject: Re: Authentication Problem On Tue, May 24, 2011 at 3:20 PM, john decot johnde...@yahoo.com wrote: SELECT id, username, attribute, value, op FROM radcheck WHERE username = BINARY 'bob' ORDER BY id; +-+--++-++ | id | username | attribute | value | op | +-+--++-++ | 384 | bob| Cleartext-Password | bob | := | | 385 | bob| Simultaneous-Use | 1 | = | | 386 | bob| Expiration | 25 Jun 2011 | := | +-+--++-++ 3 rows in set (0.00 sec) That is odd. What happens when you remove Simultaneous-Use record for bob? -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication Problem
Hi , I have been using freeradius-server-2.1.10 . Dialupadmin is using for web based administration. It was working fine till yesterday. I have changed added attribute to check Max-All-Session. Then I have face problem of No authenticate method (Auth-Type) found for the request: Rejecting the user however the authorized section is working fine. After googling i have check with option default Auth-Type = Local but it was not success. this error occurs for new create user only , old user are authenticating normally. I have revert back my changes with removing attribute to check Max-All-Session but still the error exists. Please advise me. Regards, John- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication Problem
From: Fajar A. Nugraha l...@fajar.net To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tue, May 24, 2011 8:15:42 AM Subject: Re: Authentication Problem On Tue, May 24, 2011 at 9:20 AM, john decot johnde...@yahoo.com wrote: Hi , I have been using freeradius-server-2.1.10 . Dialupadmin is using for web based administration. It was working fine till yesterday. I have changed added attribute to check Max-All-Session. Then I have face problem of No authenticate method (Auth-Type) found for the request: Rejecting the user Max-All-Session alone should not cause that however the authorized section is working fine. After googling i have check with option default Auth-Type = Local but it was not success. Normally you should never have to mess with Auth-Type, unless you're doing some exotic setup (like LDAP bind with fallback to system user) this error occurs for new create user only , old user are authenticating normally. I have revert back my changes with removing attribute to check Max-All-Session but still the error exists. ... which again, simply confirms that Max-All-Session was not the cause of the problem Please advise me. You have changed something else and made it broken. Reverse that. I use git to record changes in /etc/raddb so I can have a record of what have changed. You might need something similar. In the mean time, see http://wiki.freeradius.org/index.php/FAQ#It_still_doesn.27t_work.21 Since you say only some users experience it, compare the log for both the working and non-working user. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication Problem
' ORDER BY id [sql] expand: SELECT groupname FROM usergroup WHERE username = BINARY '%{SQL-User-Name}' ORDER BY priority - SELECT groupname FROM usergroup WHERE username = BINARY 'bob' ORDER BY priority [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '256kbps_Unlimited' ORDER BY id [sql] User found in group 256kbps_Unlimited [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id - SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '256kbps_Unlimited' ORDER BY id rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok rlm_checkval: Could not find item named Calling-Station-Id in request rlm_checkval: Could not find attribute named Calling-Station-Id in check pairs ++[station-check] returns notfound rlm_checkval: Could not find item named NAS-Identifier in request rlm_checkval: Could not find attribute named NAS-Identifier in check pairs ++[NAS-check] returns notfound ++[expiration] returns noop rlm_logintime: Checking Login-Time: 'Su-Sa-2400' rlm_logintime: timestr returned unlimited ++[logintime] returns ok [pap] WARNING! No known good password found for the user. Authentication may fail because of this. ++[pap] returns noop rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair ++[noresetcounter] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} - bob attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 246 to 127.0.0.1 port 58102 Waking up in 4.6 seconds. Rgds, John From: Fajar A. Nugraha l...@fajar.net To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tue, May 24, 2011 8:15:42 AM Subject: Re: Authentication Problem On Tue, May 24, 2011 at 9:20 AM, john decot johnde...@yahoo.com wrote: Hi , I have been using freeradius-server-2.1.10 . Dialupadmin is using for web based administration. It was working fine till yesterday. I have changed added attribute to check Max-All-Session. Then I have face problem of No authenticate method (Auth-Type) found for the request: Rejecting the user Max-All-Session alone should not cause that however the authorized section is working fine. After googling i have check with option default Auth-Type = Local but it was not success. Normally you should never have to mess with Auth-Type, unless you're doing some exotic setup (like LDAP bind with fallback to system user) this error occurs for new create user only , old user are authenticating normally. I have revert back my changes with removing attribute to check Max-All-Session but still the error exists. ... which again, simply confirms that Max-All-Session was not the cause of the problem Please advise me. You have changed something else and made it broken. Reverse that. I use git to record changes in /etc/raddb so I can have a record of what have changed. You might need something similar. In the mean time, see http://wiki.freeradius.org/index.php/FAQ#It_still_doesn.27t_work.21 Since you say only some users experience it, compare the log for both the working and non-working user. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radkill
Hi, I have problem with some user not being terminate even logout. After googling I came know about radkill. Can anyone post some howto about radkill. Thank you, Rgds, John. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Radkill
Is there any other tools to disconnect unwanted cache users we can try? John. --- On Sun, 12/19/10, Robin freerad...@itpm.net wrote: From: Robin freerad...@itpm.net Subject: RE: Radkill To: 'FreeRadius users mailing list' freeradius-users@lists.freeradius.org Date: Sunday, December 19, 2010, 8:17 PM You should read below link firstly. http://wiki.freeradius.org/index.php/FAQ#radkill Robin From: freeradius-users-bounces+freeradius=itpm@lists.freeradius.org [mailto:freeradius-users-bounces+freeradius=itpm@lists.freeradius.org] On Behalf Of john decot Sent: Monday, December 20, 2010 10:41 AM To: freeradius-users@lists.freeradius.org Subject: Radkill Hi, I have problem with some user not being terminate even logout. After googling I came know about radkill. Can anyone post some howto about radkill. Thank you, Rgds, John. -Inline Attachment Follows- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Unable to Authenticate users
Thanks for your reply Alan . --- On Fri, 12/17/10, Alan DeKok al...@deployingradius.com wrote: From: Alan DeKok al...@deployingradius.com Subject: Re: Unable to Authenticate users To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Date: Friday, December 17, 2010, 6:33 AM john decot wrote: Hi, I am planing to use freeradius for authentication for lan users. The following are the radcheck parameters: mysql select * from radcheck; ++--++++ | id | username | attribute | op | value | ++--++++ | 17 | test1 | User-Password | := | $1$q79.qtrm$gD6D4znw2uBGIU0K3mt/1/ | The data is a Crypt-Password, not a User-Password. | 9 | test | Cleartext-Password | := | password1234 | ++--++++ Why the heck do you have *two* passwords? Just use Cleartext-Password. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Unable to Authenticate users
Hi, I am planing to use freeradius for authentication for lan users. The following are the radcheck parameters: mysql select * from radcheck; ++--++++ | id | username | attribute | op | value | ++--++++ | 17 | test1 | User-Password | := | $1$q79.qtrm$gD6D4znw2uBGIU0K3mt/1/ | | 9 | test | Cleartext-Password | := | password1234 | ++--++++ 2 rows in set (0.00 sec) The user test can authenticate as it is clear text password but when i try to authenticate user test1 I got error like Found Auth-Type = CHAP !!! !!! Replacing User-Password in config items with Cleartext-Password. !!! !!! !!! Please update your configuration so that the known good !!! !!! clear text password is in Cleartext-Password, and not in User-Password. !!! !!! and failed. I would like to implement password with encrypted as user test1. So, could you please help me how to resolve this issue. Thanking you, Regards, John - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html