RE: (RADIATOR) @ in usernames, NoDefault not working
hi all, we upgraded from 2.17.1 to 2.18 and no changes in .cfg file. We use Authby LDAP2 too and we receive the message: Global symbol "@domain" requires explicit package name at (eval 238) line 1. This message did not appear before. To 'hide' it, we use SearchFilter and it works. Any comments about it will be wellcome regards, jules -Mensaje original- De: Hugh Irvine [mailto:[EMAIL PROTECTED]] Enviado el: viernes 6 de abril de 2001 7:46 Para: Robert Kiessling; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Asunto: Re: (RADIATOR) @ in usernames, NoDefault not working Hello Robert - I have also copied this mail to Mike for his comments. On Friday 06 April 2001 07:32, Robert Kiessling wrote: > Hi, > > with Radiator-2.18 and Perl 5.005_03, authenticating using AuthLDAP2, > I see two problems. > > First, I get the following error message if the username in the > authentication request contains an `@': > > Global symbol "@easynet" requires explicit package name at (eval 238) > line 1. > > A workaround is to add > > RewriteUsername s/\@/\\\@/ > > but surely this is not the expected behaviour? > I am sure it is not - Mike? > Second, NoDefault and NoDefaultIfFound do not seem to work. Even > though set, the LDAP server is still queried for DEFAULT if either the > user was not found in LDAP or the password ist wrong. > Both of these are AuthBy parameters and should be included within the AuthBy definition, not in the surrounding Realm. > And while I'm writing, are there plans to support failover from one > LDAP server to another, instead of not replying to the query? > You can set up multiple AuthBy clauses, with each one pointing at a different LDAP server. Then you would chain them together with an AuthByPolicy. Identifier CheckLDAPserver1 Hostlocalhost AuthDN AuthPassword HoldServerConnection BaseDN o=easynet.net UsernameAttruid PasswordAttruserPassword SearchFilter(&(uid=%1)(status=ACTIVE)(services=DIAL)) NoDefault NoDefaultIfFound Identifier CheckLDAPserver2 Hostotherhost AuthDN AuthPassword HoldServerConnection BaseDN o=easynet.net UsernameAttruid PasswordAttruserPassword SearchFilter(&(uid=%1)(status=ACTIVE)(services=DIAL)) NoDefault NoDefaultIfFound AuthByPolicy ContinueUntilAccept AuthBy CheckLDAPserver1 AuthBy CheckLDAPserver2 hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. ** Noticia legal Este mensaje electrónico contiene información de BT Telecomunicaciones S.A. que es privada y confidencial, siendo para el uso exclusivo de la persona (s) o entidades arriba mencionadas. Si usted no es el destinatario señalado, le informamos que cualquier divulgación, copia, distribución o uso de los contenidos está prohibida. Si usted ha recibido este mensaje por error, por favor borre su contenido y comuníquenoslo en la dirección [EMAIL PROTECTED] Gracias. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Radiator and OPIE
Hi All, We have just finished a trial version of AuthBy OPIE, for one-time password authentication via OPIE (one time passwords in everything) from Craig Metz, http://www.inner.net/opie If anyone is interested in trialling it, please contact me directly. Cheers. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) AuthBy NT problems
>the delays we are seeing are in the 5-10 second mark - would this be considered normal ? Just as you say - NT is a slow method for authentication if you are using the standard AuthBy NT module. I would suggest you contact Mike or Hugh and see if you can get the new version of this module. It authenticates by only checking if the user's password is ok. The old module checks by actually trying to change the password, and hence is very slow. > is there any way to extract a list of usernames/passwords from an NT PDC Unless your users are willing to write down their passwords for you then not really. You could try grabbing passwords off the wire, or crack the sam using something like John The Ripper or l0phtcrack. Unless your users have very simple passwords all these will take too long. A quicker method would be trojaning one of your network apps, but is it worth the hassle? >are there any other options that people have used that we could implement ? 1. Install Radiator on a BDC 2. Patch it with the latest AuthBy NT patch hth, Ash Kent Network Security Engineer United Energy Australia === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) accounting flat file to CSV ?
G'day Hugh, On Fri, 6 Apr 2001, Hugh Irvine wrote: > Hello Neale - > > On Thursday 05 April 2001 10:15, Neale Banks wrote: > > Greetings all, > > > > Not exclusively Radiator-relevant, but probably RADIUS+Perl relevant... > > > > Does anyone have any pointer to anything to convert flat-file accounting > > records to comma-separated format? > > You can use the AcctLogFileName and AcctLogFileFormat to specify any format > you wish. Sections 6.15.4 and 6.15.5 in the Radiator 2.18 reference manual. > > > Alternatively, any other solutions to the need to tabulate a user's STOP > > records to run some elementary stats over their sessions times and > > disconnect reasons? > > It would probably be simpler to write the data to an SQL database directly > and use an SQL report externally. Whilst these would both be good solutions for new records, unfortunately my current "challenge" is to extract some statistics from historical data which is in traditional flat-file accounting records. I'd be grateful of any suggestions anyone has regarding this. Thanks, Neale. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
No Subject
Hello, I tried to setup radius proxing by setting Radiator as forwarding radius and destination is Shiva Access Manager. So far, Radiator and Shiva Access Manager can talk to each other (I saw from log file of both). But Shiva Access Manager always shows that Radiator's password is wrong and does not authenticate. I check many times but it is still not working. I suspect password encrytion between Radiator and Shiva Access Manager is different. Do any one have any idea about this, please help me to fix this. Thank you very much. David Dissayanun Thailand - Get the Koolest Thai email at http://www.i-kool.com Multiple Skins, Easy to use, and Fully featured - === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) AuthBy NT problems
Hiyas, Just wondering about the clause, it seems that there is a rather large delay (compared to say, database authentication and flatfile authentication) when using the AuthBy NT authenticator, the delays we are seeing are in the 5-10 second mark - would this be considered normal ? If the answer is "yep, NT is a slow method to authenticate by" then is there any way to extract a list of usernames/passwords from an NT PDC and write them out to a flatfile which we could then use to authenticate to or are there any other options that people have used that we could implement ? -- Steve. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Using Radiator with Rodopi
Can anyone point me to some more info on using Radiator with Rodopi. I read the section in the FAQ covering ODBC connectivity with sybase modules but have little experience in this area. Any more documentation/info would be appreciated. Thanks, Andrew P. Kaplan CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.