RE: (RADIATOR) @ in usernames, NoDefault not working
hi all, we upgraded from 2.17.1 to 2.18 and no changes in .cfg file. We use Authby LDAP2 too and we receive the message: Global symbol "@domain" requires explicit package name at (eval 238) line 1. This message did not appear before. To 'hide' it, we use SearchFilter and it works. Any comments about it will be wellcome regards, jules -Mensaje original- De: Hugh Irvine [mailto:[EMAIL PROTECTED]] Enviado el: viernes 6 de abril de 2001 7:46 Para: Robert Kiessling; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Asunto: Re: (RADIATOR) @ in usernames, NoDefault not working Hello Robert - I have also copied this mail to Mike for his comments. On Friday 06 April 2001 07:32, Robert Kiessling wrote: Hi, with Radiator-2.18 and Perl 5.005_03, authenticating using AuthLDAP2, I see two problems. First, I get the following error message if the username in the authentication request contains an `@': Global symbol "@easynet" requires explicit package name at (eval 238) line 1. A workaround is to add RewriteUsername s/\@/\\\@/ but surely this is not the expected behaviour? I am sure it is not - Mike? Second, NoDefault and NoDefaultIfFound do not seem to work. Even though set, the LDAP server is still queried for DEFAULT if either the user was not found in LDAP or the password ist wrong. Both of these are AuthBy parameters and should be included within the AuthBy definition, not in the surrounding Realm. And while I'm writing, are there plans to support failover from one LDAP server to another, instead of not replying to the query? You can set up multiple AuthBy clauses, with each one pointing at a different LDAP server. Then you would chain them together with an AuthByPolicy. AuthBy LDAP2 Identifier CheckLDAPserver1 Hostlocalhost AuthDN deleted AuthPassworddeleted HoldServerConnection BaseDN o=easynet.net UsernameAttruid PasswordAttruserPassword SearchFilter((uid=%1)(status=ACTIVE)(services=DIAL)) NoDefault NoDefaultIfFound /AuthBy AuthBy LDAP2 Identifier CheckLDAPserver2 Hostotherhost AuthDN deleted AuthPassworddeleted HoldServerConnection BaseDN o=easynet.net UsernameAttruid PasswordAttruserPassword SearchFilter((uid=%1)(status=ACTIVE)(services=DIAL)) NoDefault NoDefaultIfFound /AuthBy Realm DEFAULT AuthByPolicy ContinueUntilAccept AuthBy CheckLDAPserver1 AuthBy CheckLDAPserver2 /Realm hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. ** Noticia legal Este mensaje electrnico contiene informacin de BT Telecomunicaciones S.A. que es privada y confidencial, siendo para el uso exclusivo de la persona (s) o entidades arriba mencionadas. Si usted no es el destinatario sealado, le informamos que cualquier divulgacin, copia, distribucin o uso de los contenidos est prohibida. Si usted ha recibido este mensaje por error, por favor borre su contenido y comunquenoslo en la direccin [EMAIL PROTECTED] Gracias. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Authenticating against an NT domain
--- Forwarded mail from [EMAIL PROTECTED] Date: Mon, 9 Apr 2001 17:40:26 +1000 (EST) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from [Simon J Pope [EMAIL PROTECTED]] From mikem Mon Apr 9 17:40:17 2001 Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA11309 for [EMAIL PROTECTED]; Mon, 9 Apr 2001 17:40:16 +1000 (EST) Received: from mpower3.marshmc.com (mpower3.marshmc.com [206.8.63.131]) by perki.connect.com.au with ESMTP id RAA10262 (8.8.8/IDA-1.7 for [EMAIL PROTECTED]); Mon, 9 Apr 2001 17:14:20 +1000 (EST) Received: from mpower3.marshmc.com (mpower3.marshmc.com [206.8.63.131]) by perki.connect.com.au with ESMTP id RAA10262 (8.8.8/IDA-1.7 for [EMAIL PROTECTED]); Mon, 9 Apr 2001 17:14:20 +1000 (EST) Received: from [168.74.83.43] by mpower3.marshmc.com with ESMTP for [EMAIL PROTECTED]; Mon, 9 Apr 2001 07:14:21 Z Received: from marsh40-gw.email.marshmc.com by marsh3.marshmc.com (X.400 to RFC822 Gateway); Mon, 9 Apr 2001 07:14:14 Z 09 Apr 2001 07:14:00 Z X400-Received: by mta MTAmrshmc1 in /c=US/admd=mci/prmd=marshmc/; Relayed; 09 Apr 2001 07:14:00 Z X400-Received: by /c=US/admd=mci/prmd=marshmc/; Relayed; 09 Apr 2001 07:14:00 Z X400-MTS-Identifier: [/c=US/admd=mci/prmd=marshmc/; 0423D3AD16138155-mrshmc1] Content-Identifier: 0423D3AD16138155 Content-Return: Allowed X400-Content-Type: P2-1988 ( 22 ) Conversion: Allowed Original-Encoded-Information-Types: IA5-Text Priority: normal Disclose-Recipients: Prohibited Alternate-Recipient: Allowed X400-Originator: [EMAIL PROTECTED] X400-Recipients: non-disclosure; Message-Id: 0423D3AD16138155*/c=AU/admd=mci/prmd=marshmc/o=email/ou=NotesWREN/s=Pope/g=Simon/i=J/@MHS Date: 09 Apr 2001 07:14:00 Z From: Simon J Pope [EMAIL PROTECTED] To: radiator [EMAIL PROTECTED] Subject: Authenticating against an NT domain Content-Type: text I have installed the latest version of Active State perl and Radiator 2.18 plus patches. My configuration file points it to my NT domain yet when I start Radiator it errors claiming that Win32:RasAdmin is required. I can not find this as an installable package. Does any body know what i am doing wrong? For the record I am running Radiator on an NT v4.0 server sp6a which is also the PDC i am trying to authenticate against. ---End of forwarded mail from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) @ in usernames, NoDefault not working
Hello Julio, The message you see is an unfiortunate side effect of some recent changes to AuthBy LDAP2. Those changes will be backed out in the next release. IN the meantime, you can fix this by commenting out this line in AuthLDAP2.pm: #$filter = eval qq/"$filter"/; # Interpolate perl vars Hope that helps. Cheers. On Apr 9, 8:50am, [EMAIL PROTECTED] wrote: Subject: RE: (RADIATOR) @ in usernames, NoDefault not working hi all, we upgraded from 2.17.1 to 2.18 and no changes in .cfg file. We use Authby LDAP2 too and we receive the message: Global symbol "@domain" requires explicit package name at (eval 238) line 1. This message did not appear before. To 'hide' it, we use SearchFilter and it works. Any comments about it will be wellcome regards, jules -Mensaje original- De: Hugh Irvine [mailto:[EMAIL PROTECTED]] Enviado el: viernes 6 de abril de 2001 7:46 Para: Robert Kiessling; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Asunto: Re: (RADIATOR) @ in usernames, NoDefault not working Hello Robert - I have also copied this mail to Mike for his comments. On Friday 06 April 2001 07:32, Robert Kiessling wrote: Hi, with Radiator-2.18 and Perl 5.005_03, authenticating using AuthLDAP2, I see two problems. First, I get the following error message if the username in the authentication request contains an `@': Global symbol "@easynet" requires explicit package name at (eval 238) line 1. A workaround is to add RewriteUsername s/\@/\\\@/ but surely this is not the expected behaviour? I am sure it is not - Mike? Second, NoDefault and NoDefaultIfFound do not seem to work. Even though set, the LDAP server is still queried for DEFAULT if either the user was not found in LDAP or the password ist wrong. Both of these are AuthBy parameters and should be included within the AuthBy definition, not in the surrounding Realm. And while I'm writing, are there plans to support failover from one LDAP server to another, instead of not replying to the query? You can set up multiple AuthBy clauses, with each one pointing at a different LDAP server. Then you would chain them together with an AuthByPolicy. AuthBy LDAP2 Identifier CheckLDAPserver1 Hostlocalhost AuthDN deleted AuthPassworddeleted HoldServerConnection BaseDN o=easynet.net UsernameAttruid PasswordAttruserPassword SearchFilter((uid=%1)(status=ACTIVE)(services=DIAL)) NoDefault NoDefaultIfFound /AuthBy AuthBy LDAP2 Identifier CheckLDAPserver2 Hostotherhost AuthDN deleted AuthPassworddeleted HoldServerConnection BaseDN o=easynet.net UsernameAttruid PasswordAttruserPassword SearchFilter((uid=%1)(status=ACTIVE)(services=DIAL)) NoDefault NoDefaultIfFound /AuthBy Realm DEFAULT AuthByPolicy ContinueUntilAccept AuthBy CheckLDAPserver1 AuthBy CheckLDAPserver2 /Realm hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. ** Noticia legal Este mensaje electrnico contiene informacin de BT Telecomunicaciones S.A. que es privada y confidencial, siendo para el uso exclusivo de la persona (s) o entidades arriba mencionadas. Si usted no es el destinatario sealado, le informamos que cualquier divulgacin, copia, distribucin o uso de los contenidos est prohibida. Si usted ha recibido este mensaje por error, por favor borre su contenido y comunquenoslo en la direccin [EMAIL PROTECTED] Gracias. -- End of excerpt from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at
(RADIATOR) Accounting data not going anywhere!
Hello, I am trying to configure Radiator to log accounting data to my postgres database. The Authorization works fine, rejects and accepts okay. However no accounting data arrives in the named accounting table. If in my AuthBy SQL section I override the default accounting column names, I get an error in the trace where it tries to run an INSERT statement with no VALUES, i.e.: INSERT INTO radius_accounting () VALUES () gets a syntax error on ')' shrug Thanks in Advance. Jamz. my radius.cfg looks like: # Set this to the database directory. It should contain these files: # dictionary The dictionary for your NAS DbDir /usr/local/etc/raddb #AuthPort 1645 AuthPort16450 #AcctPort 1646 AcctPort16460 #Foreground #LogStdout # User a lower trace level in production systems: Trace 4 SnmpgetProg /usr/local/bin/snmpget # This clause defines a single client to listen to Client adl-5300-1.airnet.com.au NasType Cisco Secret xx DefaultRealm airnet.com.au /Client Client DEFAULT Secret mysecret DupInterval 0 DefaultRealm airnet.com.au /Client Realm airnet.com.au # Take realm off the end of the username before Auth. RewriteUsername s/^([^@]+).*/$1/ AuthBy SQL # AuthSelect with empty string means dont do auth AuthSelect select PASSWORD, CHECKATTR, REPLYATTR FROM subscriber WHERE username =%0 DBSourcedbi:Pg:host=dbhost;dbname=bmf DBUsername radius DBAuth x AccountingTable radius_accounting /AuthBy /Realm The output is as follows: [root@radius Radiator-2.18]# radpwtst -user cmma -password xx -auth_port 16450 -acct_port 16460 -delay_time 3 -output_octets 3000 sending Access-Request... OK sending Accounting-Request Start... OK sending Accounting-Request Stop... OK Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1035 Code: Access-Request Identifier: 27 Authentic: 1234567890123456 Attributes: User-Name = "cmma" Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 Called-Station-Id = "123456789" Calling-Station-Id = "987654321" NAS-Port-Type = Async User-Password = "154234+152159l4146211_9160216}x153" Mon Apr 9 17:45:27 2001: DEBUG: Handling request with Handler 'Realm=airnet.com.au' Mon Apr 9 17:45:27 2001: DEBUG: Rewrote user name to cmma Mon Apr 9 17:45:27 2001: DEBUG: Deleting session for cmma, 203.63.154.1, 1234 Mon Apr 9 17:45:27 2001: DEBUG: Handling with Radius::AuthSQL Mon Apr 9 17:45:27 2001: DEBUG: Handling with Radius::AuthSQL Mon Apr 9 17:45:27 2001: DEBUG: Query is: select PASSWORD, CHECKATTR, REPLYATTR FROM subscriber WHERE username ='cmma' Mon Apr 9 17:45:27 2001: DEBUG: Radius::AuthSQL looks for match with cmma Mon Apr 9 17:45:27 2001: DEBUG: Radius::AuthSQL ACCEPT: Mon Apr 9 17:45:27 2001: DEBUG: Access accepted for cmma Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Sending to 127.0.0.1 port 1035 Code: Access-Accept Identifier: 27 Authentic: 1234567890123456 Attributes: Service-Type = Framed-User Framed-Compression = Van-Jacobson-TCP-IP Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1035 Code: Accounting-Request Identifier: 28 Authentic: ^21716822215254170O146%247l137153q3 Attributes: User-Name = "cmma" Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async Acct-Session-Id = "1234" Acct-Status-Type = Start Called-Station-Id = "123456789" Calling-Station-Id = "987654321" Mon Apr 9 17:45:27 2001: DEBUG: Handling request with Handler 'Realm=airnet.com.au' Mon Apr 9 17:45:27 2001: DEBUG: Rewrote user name to cmma Mon Apr 9 17:45:27 2001: DEBUG: Adding session for cmma, 203.63.154.1, 1234 Mon Apr 9 17:45:27 2001: DEBUG: Handling with Radius::AuthSQL Mon Apr 9 17:45:27 2001: DEBUG: Handling accounting with Radius::AuthSQL Mon Apr 9 17:45:27 2001: DEBUG: Accounting accepted Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Sending to 127.0.0.1 port 1035 Code: Accounting-Response Identifier: 28 Authentic: ^21716822215254170O146%247l137153q3 Attributes: Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1035 Code: Accounting-Request Identifier: 29 Authentic: 138?14022915317234OC18192230y10147 Attributes: User-Name = "cmma" Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async Acct-Session-Id = "1234" Acct-Status-Type = Stop Called-Station-Id = "123456789" Calling-Station-Id = "987654321" Acct-Delay-Time = 3
Re: (RADIATOR) (Radiator) Problem with dial-up users
Hi Hugh, --- Hugh Irvine [EMAIL PROTECTED] wrote: [snip] Which customer is this? The same old TMB. Somehow the radius server was rebooted, and the data in DB AuthBy DYNAADDRESS is not correct as the "netmask" is 255.255.255.0. So when the new user logs on, the RAS will broadcast the IP and claim the class C address with that netmask. ;) The obvious question is "what has changed?". Before I hard-coded that netmask to the configuration file. Somehow it got changed along with quite a few things without my knowledge. This is part of the problem - why is the NAS-Port attribute now 0? It should indicate the port number on the NAS to which the user is connected. I will need to check on this again whether this problem still exists. Thanks for all the help, esp. very fast turnaround time. Wish I had time to reply then. Regards, Peter = P. Srivaree-Ratana __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Accounting data not going anywhere!
Hello Jamz - Could you please send me the name of the registered owner of the company that purchased this copy of Radiator? thanks very much regards Hugh At 17:50 +0930 01/4/9, [EMAIL PROTECTED] wrote: Hello, I am trying to configure Radiator to log accounting data to my postgres database. The Authorization works fine, rejects and accepts okay. However no accounting data arrives in the named accounting table. If in my AuthBy SQL section I override the default accounting column names, I get an error in the trace where it tries to run an INSERT statement with no VALUES, i.e.: INSERT INTO radius_accounting () VALUES () gets a syntax error on ')' shrug Thanks in Advance. Jamz. my radius.cfg looks like: # Set this to the database directory. It should contain these files: # dictionary The dictionary for your NAS DbDir /usr/local/etc/raddb #AuthPort 1645 AuthPort16450 #AcctPort 1646 AcctPort16460 #Foreground #LogStdout # User a lower trace level in production systems: Trace 4 SnmpgetProg /usr/local/bin/snmpget # This clause defines a single client to listen to Client adl-5300-1.airnet.com.au NasType Cisco Secret xx DefaultRealm airnet.com.au /Client Client DEFAULT Secret mysecret DupInterval 0 DefaultRealm airnet.com.au /Client Realm airnet.com.au # Take realm off the end of the username before Auth. RewriteUsername s/^([^@]+).*/$1/ AuthBy SQL # AuthSelect with empty string means dont do auth AuthSelect select PASSWORD, CHECKATTR, REPLYATTR FROM subscriber WHERE username =%0 DBSourcedbi:Pg:host=dbhost;dbname=bmf DBUsername radius DBAuth x AccountingTable radius_accounting /AuthBy /Realm The output is as follows: [root@radius Radiator-2.18]# radpwtst -user cmma -password xx -auth_port 16450 -acct_port 16460 -delay_time 3 -output_octets 3000 sending Access-Request... OK sending Accounting-Request Start... OK sending Accounting-Request Stop... OK Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1035 Code: Access-Request Identifier: 27 Authentic: 1234567890123456 Attributes: User-Name = "cmma" Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 Called-Station-Id = "123456789" Calling-Station-Id = "987654321" NAS-Port-Type = Async User-Password = "154234+152159l4146211_9160216}x153" Mon Apr 9 17:45:27 2001: DEBUG: Handling request with Handler 'Realm=airnet.com.au' Mon Apr 9 17:45:27 2001: DEBUG: Rewrote user name to cmma Mon Apr 9 17:45:27 2001: DEBUG: Deleting session for cmma, 203.63.154.1, 1234 Mon Apr 9 17:45:27 2001: DEBUG: Handling with Radius::AuthSQL Mon Apr 9 17:45:27 2001: DEBUG: Handling with Radius::AuthSQL Mon Apr 9 17:45:27 2001: DEBUG: Query is: select PASSWORD, CHECKATTR, REPLYATTR FROM subscriber WHERE username ='cmma' Mon Apr 9 17:45:27 2001: DEBUG: Radius::AuthSQL looks for match with cmma Mon Apr 9 17:45:27 2001: DEBUG: Radius::AuthSQL ACCEPT: Mon Apr 9 17:45:27 2001: DEBUG: Access accepted for cmma Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Sending to 127.0.0.1 port 1035 Code: Access-Accept Identifier: 27 Authentic: 1234567890123456 Attributes: Service-Type = Framed-User Framed-Compression = Van-Jacobson-TCP-IP Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1035 Code: Accounting-Request Identifier: 28 Authentic: ^21716822215254170O146%247l137153q3 Attributes: User-Name = "cmma" Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async Acct-Session-Id = "1234" Acct-Status-Type = Start Called-Station-Id = "123456789" Calling-Station-Id = "987654321" Mon Apr 9 17:45:27 2001: DEBUG: Handling request with Handler 'Realm=airnet.com.au' Mon Apr 9 17:45:27 2001: DEBUG: Rewrote user name to cmma Mon Apr 9 17:45:27 2001: DEBUG: Adding session for cmma, 203.63.154.1, 1234 Mon Apr 9 17:45:27 2001: DEBUG: Handling with Radius::AuthSQL Mon Apr 9 17:45:27 2001: DEBUG: Handling accounting with Radius::AuthSQL Mon Apr 9 17:45:27 2001: DEBUG: Accounting accepted Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Sending to 127.0.0.1 port 1035 Code: Accounting-Response Identifier: 28 Authentic: ^21716822215254170O146%247l137153q3 Attributes: Mon Apr 9 17:45:27 2001: DEBUG: Packet dump: *** Received from 127.0.0.1 port 1035 Code: Accounting-Request Identifier: 29 Authentic: 138?14022915317234OC18192230y10147 Attributes: User-Name = "cmma" Service-Type = Framed-User NAS-IP-Address =
Re: (RADIATOR) Using Radiator with Rodopi
Hello Andrew - What platforms are you running on? If you are running Radiator directly on NT, you can just use the standard DBI module which contains DBD-ODBC. This is also a very easy way to get from a UNIX host running Radiator as well - just run a radius proxy to a system as above. Otherwise, if you really want to connect from a UNIX host, you can indeed use the Sybase client libraries, or you can use the DBD-Proxy module, or you can use the the other options listed on the FAQ. I posted a fairly complete description of this topic to the list some time ago, so check the archive site and do a search on "IMPORTANT". hth Hugh At 17:39 -0400 01/4/8, Andrew P. Kaplan wrote: Can anyone point me to some more info on using Radiator with Rodopi. I read the section in the FAQ covering ODBC connectivity with sybase modules but have little experience in this area. Any more documentation/info would be appreciated. Thanks, Andrew P. Kaplan CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Authenticating against an NT domain
Hello Simon - From memory, the ActiveState web page has a complete list of packages available for all three platforms they support - you should be able to find it there. hth Hugh I have installed the latest version of Active State perl and Radiator 2.18 plus patches. My configuration file points it to my NT domain yet when I start Radiator it errors claiming that Win32:RasAdmin is required. I can not find this as an installable package. Does any body know what i am doing wrong? For the record I am running Radiator on an NT v4.0 server sp6a which is also the PDC i am trying to authenticate against. ---End of forwarded mail from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) accounting flat file to CSV ?
Hello Neale - Have you had a look in the goodies directory to see if there is anything there? Otherwise I am sure someone on the list has done this at lease once. regards Hugh At 13:45 +1000 01/4/9, Neale Banks wrote: G'day Hugh, On Fri, 6 Apr 2001, Hugh Irvine wrote: Hello Neale - On Thursday 05 April 2001 10:15, Neale Banks wrote: Greetings all, Not exclusively Radiator-relevant, but probably RADIUS+Perl relevant... Does anyone have any pointer to anything to convert flat-file accounting records to comma-separated format? You can use the AcctLogFileName and AcctLogFileFormat to specify any format you wish. Sections 6.15.4 and 6.15.5 in the Radiator 2.18 reference manual. Alternatively, any other solutions to the need to tabulate a user's STOP records to run some elementary stats over their sessions times and disconnect reasons? It would probably be simpler to write the data to an SQL database directly and use an SQL report externally. Whilst these would both be good solutions for new records, unfortunately my current "challenge" is to extract some statistics from historical data which is in traditional flat-file accounting records. I'd be grateful of any suggestions anyone has regarding this. Thanks, Neale. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re:
Hello David - Could you please send me the name of the registered owner of the company that purchased this copy of Radiator? thanks very much regards Hugh At 2:39 + 01/4/9, [EMAIL PROTECTED] wrote: Hello, I tried to setup radius proxing by setting Radiator as forwarding radius and destination is Shiva Access Manager. So far, Radiator and Shiva Access Manager can talk to each other (I saw from log file of both). But Shiva Access Manager always shows that Radiator's password is wrong and does not authenticate. I check many times but it is still not working. I suspect password encrytion between Radiator and Shiva Access Manager is different. Do any one have any idea about this, please help me to fix this. Thank you very much. David Dissayanun Thailand - Get the Koolest Thai email at http://www.i-kool.com Multiple Skins, Easy to use, and Fully featured - === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Accounting-Response problem
Hi, I have problem with Radiator-2.18 in FreeBSD 4.0. All modules installed. All is working fine except Radiator is not sending accounting-response after receivingaccounting-request from NAS. Here is my radiator config file. # radius.cfg ForegroundTrace5 AuthPort1645AcctPort1646 LogDir/var/log/radiusDbDir/usr/local/var/radius LogFile%L/logfile DictionaryFile %D/dictionary#DictionaryFile %D/dictionary.cisco#DictionaryFile %D/dictionary.ascend#DictionaryFile %D/dictionary.ascend2 FingerProg /usr/bin/fingerSnmpgetProg /usr/local/bin/snmpget #RewriteUsernametr/[A-Z]/[a-z]/#RewriteUsernames/\S+//g #PreClientHooksub { print "Here I am in PreClentHook\n"; }#StartupHook sub {print "here I am in StartupHook $_[0]\n";} Client x.x.x.xSecretxxxDupInterval 0NoIgnoreDuplicates Access-RequestNasType Cisco#NasType Ascend#RewriteUsernames/^([^@]+).*/$1/#RewriteUsernametr/[A-Z]/[a-z]/StatusServerShowClientDetails/Client Client z.z.z.zSecretxxxDupInterval 0NoIgnoreDuplicates Access-RequestNasType Cisco#NasType Ascend#RewriteUsernames/^([^@]+).*/$1/#RewriteUsernametr/[A-Z]/[a-z]/StatusServerShowClientDetails/Client Client DEFAULTSecretxxxDupInterval 0NoIgnoreDuplicates Access-RequestNasType Cisco#NasType Ascend#RewriteUsernames/^([^@]+).*/$1/#RewriteUsernametr/[A-Z]/[a-z]/StatusServerShowClientDetails/Client###Realm DEFAULT#Handler #RewriteUsernames/^([^@]+).*/$1/#RewriteUsernametr/[A-Z]/[a-z]/ MaxSessions1#AcctLogFileName%L/detail #AcctLogFileFormat %{Timestamp} %{Acct-Session-Id} %{User-Name} #WtmpFileName %L/wtmp#PasswordLogFileName %L/password.log RejectHasReason AuthByPolicy ContinueWhileIgnoreAccountingHandled SessionDatabase SQL1 AuthBy SQLDBSourcedbi:mysql:radiusDBUsernamerootDBAuthxxx #AuthSelect select PASSWORD,CHECKATTR,REPLYATTR from SUBSCRIBERS where USERNAME='%n'AuthSelect select PASSWORD,REPLYATTR,TIMELEFT from SUBSCRIBERS where USERNAME='%n' AuthColumnDef 0, User-Password, check AuthColumnDef 1, GENERIC, replyAuthColumnDef 2, Session-Timeout, reply AddToReply Framed-Protocol = PPP,Service-Type = Framed-User,Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP AccountingTableACCOUNTINGAccountingStopsOnly AcctColumnDefUSERNAME,User-NameAcctColumnDefTIME_STAMP,Timestamp,integerAcctColumnDefACCTSTATUSTYPE,Acct-Status-TypeAcctColumnDefACCTDELAYTIME,Acct-Delay-Time,integerAcctColumnDefACCTINPUTOCTETS,Acct-Input-Octets,integerAcctColumnDefACCTOUTPUTOCTETS,Acct-Output-Octets,integerAcctColumnDefACCTSESSIONID,Acct-Session-IdAcctColumnDefACCTSESSIONTIME,Acct-Session-Time,integerAcctColumnDefACCTTERMINATECAUSE,Acct-Terminate-CauseAcctColumnDefNASIDENTIFIER,NAS-IdentifierAcctColumnDefNASPORT,NAS-Port,integerAcctColumnDefFRAMEDIPADDRESS,Framed-IP-AddressAcctColumnDefCALLINGSTATIONID,Calling-Station-Id AcctSQLStatement update SUBSCRIBERS set TIMELEFT=TIMELEFT-%{Acct-Session-Time} where USERNAME='%n' RejectEmptyPasswordAcctFailedLogFileName %L/misseddetails/AuthBy AuthBy RADIUSHostxxx.netSecretxxxAuthPort 1645AcctPort 1646Retries 4RetryTimeout 5CachePasswords RejectEmptyPassword#AcctLogFileName %L/misseddetails2/AuthBy##PostAuthHook file:"%D/CheckBlockTimeLeft" /Realm#/Handler ClientListSQLDBSourcedbi:mysql:radiusDBUsernamerootDBAuthxxx /ClientListSQL SessionDatabase SQLDBSourcedbi:mysql:radiusDBUsernamerootDBAuthxxx# Optional identifier. Its just a nameIdentifier SQL1 AddQuery insert into RADONLINE (USERNAME,NASIDENTIFIER,NASPORT,ACCTSESSIONID,TIME_STAMP,FRAMEDIPADDRESS,NASPORTTYPE,SERVICETYPE) values('%n','%N',%{NAS-Port},'%{Acct-Session-Id}',%{Timestamp},'%{Framed-IP-Address}','%{Port-Type}','%{Service-Type}')DeleteQuery delete from RADONLINE where USERNAME='%n' and NASIDENTIFIER='%N' and NASPORT=%{NAS-Port}ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from RADONLINE where USERNAME='%n' /SessionDatabase # Log to a fileLog FILEFilename %L/mylogTrace 5/Log # Log to syslog (Unix only)Log SYSLOGFacility userTrace 4/Log #Log SQL# Defines how to connect to the database. See examples above#DBSourcedbi:mysql:radius#DBUsernamemikem#DBAuthfred# Trace level to use (allows same values as the global Trace level)#Trace 4#/Log #
(RADIATOR) Accounting-Response problem
Hi, I have problem with Radiator-2.18 in FreeBSD 4.0. All modules installed. All is working fine except Radiator is not sending accounting-response after receivingaccounting-request from NAS. Here is my radiator config file. # radius.cfg ForegroundTrace5 AuthPort1645AcctPort1646 LogDir/var/log/radiusDbDir/usr/local/var/radius LogFile%L/logfile DictionaryFile %D/dictionary#DictionaryFile %D/dictionary.cisco#DictionaryFile %D/dictionary.ascend#DictionaryFile %D/dictionary.ascend2 FingerProg /usr/bin/fingerSnmpgetProg /usr/local/bin/snmpget #RewriteUsernametr/[A-Z]/[a-z]/#RewriteUsernames/\S+//g #PreClientHooksub { print "Here I am in PreClentHook\n"; }#StartupHook sub {print "here I am in StartupHook $_[0]\n";} Client x.x.x.xSecretxxxDupInterval 0NoIgnoreDuplicates Access-RequestNasType Cisco#NasType Ascend#RewriteUsernames/^([^@]+).*/$1/#RewriteUsernametr/[A-Z]/[a-z]/StatusServerShowClientDetails/Client Client z.z.z.zSecretxxxDupInterval 0NoIgnoreDuplicates Access-RequestNasType Cisco#NasType Ascend#RewriteUsernames/^([^@]+).*/$1/#RewriteUsernametr/[A-Z]/[a-z]/StatusServerShowClientDetails/Client Client DEFAULTSecretxxxDupInterval 0NoIgnoreDuplicates Access-RequestNasType Cisco#NasType Ascend#RewriteUsernames/^([^@]+).*/$1/#RewriteUsernametr/[A-Z]/[a-z]/StatusServerShowClientDetails/Client###Realm DEFAULT#Handler #RewriteUsernames/^([^@]+).*/$1/#RewriteUsernametr/[A-Z]/[a-z]/ MaxSessions1#AcctLogFileName%L/detail #AcctLogFileFormat %{Timestamp} %{Acct-Session-Id} %{User-Name} #WtmpFileName %L/wtmp#PasswordLogFileName %L/password.log RejectHasReason AuthByPolicy ContinueWhileIgnoreAccountingHandled SessionDatabase SQL1 AuthBy SQLDBSourcedbi:mysql:radiusDBUsernamerootDBAuthxxx #AuthSelect select PASSWORD,CHECKATTR,REPLYATTR from SUBSCRIBERS where USERNAME='%n'AuthSelect select PASSWORD,REPLYATTR,TIMELEFT from SUBSCRIBERS where USERNAME='%n' AuthColumnDef 0, User-Password, check AuthColumnDef 1, GENERIC, replyAuthColumnDef 2, Session-Timeout, reply AddToReply Framed-Protocol = PPP,Service-Type = Framed-User,Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP AccountingTableACCOUNTINGAccountingStopsOnly AcctColumnDefUSERNAME,User-NameAcctColumnDefTIME_STAMP,Timestamp,integerAcctColumnDefACCTSTATUSTYPE,Acct-Status-TypeAcctColumnDefACCTDELAYTIME,Acct-Delay-Time,integerAcctColumnDefACCTINPUTOCTETS,Acct-Input-Octets,integerAcctColumnDefACCTOUTPUTOCTETS,Acct-Output-Octets,integerAcctColumnDefACCTSESSIONID,Acct-Session-IdAcctColumnDefACCTSESSIONTIME,Acct-Session-Time,integerAcctColumnDefACCTTERMINATECAUSE,Acct-Terminate-CauseAcctColumnDefNASIDENTIFIER,NAS-IdentifierAcctColumnDefNASPORT,NAS-Port,integerAcctColumnDefFRAMEDIPADDRESS,Framed-IP-AddressAcctColumnDefCALLINGSTATIONID,Calling-Station-Id AcctSQLStatement update SUBSCRIBERS set TIMELEFT=TIMELEFT-%{Acct-Session-Time} where USERNAME='%n' RejectEmptyPasswordAcctFailedLogFileName %L/misseddetails/AuthBy AuthBy RADIUSHostxxx.netSecretxxxAuthPort 1645AcctPort 1646Retries 4RetryTimeout 5CachePasswords RejectEmptyPassword#AcctLogFileName %L/misseddetails2/AuthBy##PostAuthHook file:"%D/CheckBlockTimeLeft" /Realm#/Handler ClientListSQLDBSourcedbi:mysql:radiusDBUsernamerootDBAuthxxx /ClientListSQL SessionDatabase SQLDBSourcedbi:mysql:radiusDBUsernamerootDBAuthxxx# Optional identifier. Its just a nameIdentifier SQL1 AddQuery insert into RADONLINE (USERNAME,NASIDENTIFIER,NASPORT,ACCTSESSIONID,TIME_STAMP,FRAMEDIPADDRESS,NASPORTTYPE,SERVICETYPE) values('%n','%N',%{NAS-Port},'%{Acct-Session-Id}',%{Timestamp},'%{Framed-IP-Address}','%{Port-Type}','%{Service-Type}')DeleteQuery delete from RADONLINE where USERNAME='%n' and NASIDENTIFIER='%N' and NASPORT=%{NAS-Port}ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from RADONLINE where USERNAME='%n' /SessionDatabase # Log to a fileLog FILEFilename %L/mylogTrace 5/Log # Log to syslog (Unix only)Log SYSLOGFacility userTrace 4/Log #Log SQL# Defines how to connect to the database. See examples above#DBSourcedbi:mysql:radius#DBUsernamemikem#DBAuthfred# Trace level to use (allows same values as the global Trace level)#Trace 4#/Log #
Re: (RADIATOR) @ in usernames, NoDefault not working
Mike McCauley writes: The message you see is an unfiortunate side effect of some recent changes to AuthBy LDAP2. Those changes will be backed out in the next release. IN the meantime, you can fix this by commenting out this line in AuthLDAP2.pm: #$filter = eval qq/"$filter"/; # Interpolate perl vars Hope that helps. Aaah, indeed this fixes the "@" problem. Thanks to you and Hugh for your help! Robert === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) AuthBy NT problems
I thought the PDC encrypts the password so you cannot extract it to a flat file. -Michael Audet Network Services Chubb Son [EMAIL PROTECTED] - Original Message - From: "Steve Phillips" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, April 08, 2001 9:40 PM Subject: (RADIATOR) AuthBy NT problems Hiyas, Just wondering about the AuthBy NT clause, it seems that there is a rather large delay (compared to say, database authentication and flatfile authentication) when using the AuthBy NT authenticator, the delays we are seeing are in the 5-10 second mark - would this be considered normal ? If the answer is "yep, NT is a slow method to authenticate by" then is there any way to extract a list of usernames/passwords from an NT PDC and write them out to a flatfile which we could then use to authenticate to or are there any other options that people have used that we could implement ? -- Steve. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re:
Check your radius KEY. the key is used for the encryption and decrypt of the pw between Radiator and SAM -Michael Audet Network Services Chubb Son [EMAIL PROTECTED] - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, April 08, 2001 10:39 PM Hello, I tried to setup radius proxing by setting Radiator as forwarding radius and destination is Shiva Access Manager. So far, Radiator and Shiva Access Manager can talk to each other (I saw from log file of both). But Shiva Access Manager always shows that Radiator's password is wrong and does not authenticate. I check many times but it is still not working. I suspect password encrytion between Radiator and Shiva Access Manager is different. Do any one have any idea about this, please help me to fix this. Thank you very much. David Dissayanun Thailand - Get the Koolest Thai email at http://www.i-kool.com Multiple Skins, Easy to use, and Fully featured - === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Patch: $reason argument to PostAuthHook
Hi, while writing a PostAuthHook, I found the wish to be able to access the reject reason in that handler. The appended little patch does it. The documentation to PostAuthHook could then contain something like: The fourth argument is a reference to a string variable holding the reason for a reject, or undefined if none is available. It would be nice to see something like this in the next version. Robert diff -r Radiator-2.18/Radius/Handler.pm Radiator-2.18.rejectreason/Radius/Handler.pm 491c491 eval{ {$self-{PostAuthHook}}(\$p, \$rp, \$handled); }; --- eval{ {$self-{PostAuthHook}}(\$p, \$rp, \$handled, \$reason); };
Re: (RADIATOR) (Radiator) Problem with dial-up users
Hello Peter - If the configuration file has been changed, there is not much I can do. As you say, if the database contains the wrong IP address information, then all sorts of problems are guaranteed to happen. regards Hugh At 2:42 -0700 01/4/9, Peter Srivaree-Ratana wrote: Hi Hugh, --- Hugh Irvine [EMAIL PROTECTED] wrote: [snip] Which customer is this? The same old TMB. Somehow the radius server was rebooted, and the data in DB AuthBy DYNAADDRESS is not correct as the "netmask" is 255.255.255.0. So when the new user logs on, the RAS will broadcast the IP and claim the class C address with that netmask. ;) The obvious question is "what has changed?". Before I hard-coded that netmask to the configuration file. Somehow it got changed along with quite a few things without my knowledge. This is part of the problem - why is the NAS-Port attribute now 0? It should indicate the port number on the NAS to which the user is connected. I will need to check on this again whether this problem still exists. Thanks for all the help, esp. very fast turnaround time. Wish I had time to reply then. Regards, Peter = P. Srivaree-Ratana __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Patch: $reason argument to PostAuthHook
Hello Robert - Many thanks for this - I have forwarded it to Mike. regards Hugh At 20:16 +0200 01/4/9, Robert Kiessling wrote: Content-Type: text/plain; charset=us-ascii Content-Description: message body text Content-Transfer-Encoding: 7bit Hi, while writing a PostAuthHook, I found the wish to be able to access the reject reason in that handler. The appended little patch does it. The documentation to PostAuthHook could then contain something like: The fourth argument is a reference to a string variable holding the reason for a reject, or undefined if none is available. It would be nice to see something like this in the next version. Robert diff -r Radiator-2.18/Radius/Handler.pm Radiator-2.18.rejectreason/Radius/Handler.pm 491c491 eval{ {$self-{PostAuthHook}}(\$p, \$rp, \$handled); }; --- eval{ {$self-{PostAuthHook}}(\$p, \$rp, \$handled, \$reason); }; -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Accounting-Response problem
Title: Re: (RADIATOR) Accounting-Response problem Hello Ganbold - I will need to see a trace 4 debug from Radiator showing what is happening. thanks Hugh At 19:11 +0800 01/4/9, ganbold wrote: Hi, I have problem with Radiator-2.18 in FreeBSD 4.0. All modules installed. All is working fine except Radiator is not sending accounting-response after receivingaccounting-request from NAS. Here is my radiator config file. # radius.cfg Foreground Trace5 AuthPort1645 AcctPort1646 LogDir/var/log/radius DbDir/usr/local/var/radius LogFile%L/logfile DictionaryFile %D/dictionary #DictionaryFile %D/dictionary.cisco #DictionaryFile %D/dictionary.ascend #DictionaryFile %D/dictionary.ascend2 FingerProg /usr/bin/finger SnmpgetProg /usr/local/bin/snmpget #RewriteUsernametr/[A-Z]/[a-z]/ #RewriteUsernames/\S+//g #PreClientHooksub { print Here I am in PreClentHook\n; } #StartupHook sub {print here I am in StartupHook $_[0]\n;} Client x.x.x.x Secretxxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco #NasType Ascend #RewriteUsernames/^([^@]+).*/$1/ #RewriteUsernametr/[A-Z]/[a-z]/ StatusServerShowClientDetails /Client Client z.z.z.z Secretxxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco #NasType Ascend #RewriteUsernames/^([^@]+).*/$1/ #RewriteUsernametr/[A-Z]/[a-z]/ StatusServerShowClientDetails /Client Client DEFAULT Secretxxx DupInterval 0 NoIgnoreDuplicates Access-Request NasType Cisco #NasType Ascend #RewriteUsernames/^([^@]+).*/$1/ #RewriteUsernametr/[A-Z]/[a-z]/ StatusServerShowClientDetails /Client ### Realm DEFAULT #Handler #RewriteUsernames/^([^@]+).*/$1/ #RewriteUsernametr/[A-Z]/[a-z]/ MaxSessions1 #AcctLogFileName%L/detail #AcctLogFileFormat %{Timestamp} %{Acct-Session-Id} %{User-Name} #WtmpFileName %L/wtmp #PasswordLogFileName %L/password.log RejectHasReason AuthByPolicy ContinueWhileIgnore AccountingHandled SessionDatabase SQL1 AuthBy SQL DBSourcedbi:mysql:radius DBUsernameroot DBAuthxxx #AuthSelect select PASSWORD,CHECKATTR,REPLYATTR from SUBSCRIBERS where USERNAME='%n' AuthSelect select PASSWORD,REPLYATTR,TIMELEFT from SUBSCRIBERS where USERNAME='%n' AuthColumnDef 0, User-Password, check AuthColumnDef 1, GENERIC, reply AuthColumnDef 2, Session-Timeout, reply AddToReply Framed-Protocol = PPP,Service-Type = Framed-User,Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP AccountingTableACCOUNTING AccountingStopsOnly AcctColumnDefUSERNAME,User-Name AcctColumnDefTIME_STAMP,Timestamp,integer AcctColumnDefACCTSTATUSTYPE,Acct-Status-Type AcctColumnDefACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDefACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDefACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDefACCTSESSIONID,Acct-Session-Id AcctColumnDefACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDefACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDefNASIDENTIFIER,NAS-Identifier AcctColumnDefNASPORT,NAS-Port,integer AcctColumnDefFRAMEDIPADDRESS,Framed-IP-Address AcctColumnDefCALLINGSTATIONID,Calling-Station-Id AcctSQLStatement update SUBSCRIBERS set TIMELEFT=TIMELEFT-%{Acct-Session-Time} where USERNAME='%n' RejectEmptyPassword AcctFailedLogFileName %L/misseddetails /AuthBy AuthBy RADIUS Hostxxx.net Secretxxx AuthPort 1645 AcctPort 1646 Retries 4 RetryTimeout 5 CachePasswords RejectEmptyPassword #AcctLogFileName %L/misseddetails2 /AuthBy ## PostAuthHook file:%D/CheckBlockTimeLeft /Realm #/Handler ClientListSQL DBSourcedbi:mysql:radius DBUsernameroot DBAuthxxx /ClientListSQL SessionDatabase SQL DBSourcedbi:mysql:radius DBUsernameroot DBAuthxxx # Optional identifier. Its just a name Identifier SQL1 AddQuery insert into RADONLINE (USERNAME,NASIDENTIFIER,NASPORT,ACCTSESSIONID,TIME_STAMP,FRAMEDIPADDRESS,NASPORTTYPE,SERVICETYPE) values('%n','%N',%{NAS-Port},'%{Acct-Session-Id}',%{Timestamp},'%{Framed-IP-Address}','%{Port-Type}','%{Service-Type}') DeleteQuery delete from RADONLINE where USERNAME='%n' and NASIDENTIFIER='%N' and NASPORT=%{NAS-Port} ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N' CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from RADONLINE where USERNAME='%n' /SessionDatabase # Log to a file Log FILE Filename %L/mylog Trace 5 /Log # Log to syslog (Unix only) Log SYSLOG Facility user Trace 4 /Log #Log SQL # Defines how to connect to the database. See examples above #DBSourcedbi:mysql:radius #DBUsernamemikem #DBAuthfred # Trace level to use (allows same values as the global Trace level) #Trace 4 #/Log # -- NB: I am travelling this week, so there may be delays in our correspondence.
Re: (RADIATOR) AuthBy NT problems
Hello Steve - As Ashley says, there is a new version of AuthNT.pm in the patches area for Radiator 2.18, so I suggest you upgrade. regards Hugh At 13:33 +1000 01/4/9, Kent, Ashley wrote: the delays we are seeing are in the 5-10 second mark - would this be considered normal ? Just as you say - NT is a slow method for authentication if you are using the standard AuthBy NT module. I would suggest you contact Mike or Hugh and see if you can get the new version of this module. It authenticates by only checking if the user's password is ok. The old module checks by actually trying to change the password, and hence is very slow. is there any way to extract a list of usernames/passwords from an NT PDC Unless your users are willing to write down their passwords for you then not really. You could try grabbing passwords off the wire, or crack the sam using something like John The Ripper or l0phtcrack. Unless your users have very simple passwords all these will take too long. A quicker method would be trojaning one of your network apps, but is it worth the hassle? are there any other options that people have used that we could implement ? 1. Install Radiator on a BDC 2. Patch it with the latest AuthBy NT patch hth, Ash Kent Network Security Engineer United Energy Australia === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) New PostProcessingHook
Hello Robert - Thanks for the contribution. BTW - if you just want to use temporary storage that you wont have to do housekeeping on, you should just put things into the request packet ($p) instead of the reply packet ($rp). The request packet is simply discarded so you don't have to worry about it. regards Hugh At 20:47 +0200 01/4/9, Robert Kiessling wrote: Content-Type: text/plain; charset=us-ascii Content-Description: message body text Content-Transfer-Encoding: 7bit In order to remove some faked attributes, I would have found a PostProcessingHook useful, and added it since it wasn't there already. The patch against Radiator-2.18 is appended so that it might be considered for inclusion in the next release. The documentation for this: 6.15.x PostProcessingHook/H4 P CLASS="BodyAfterHead" A NAME="pgfId=398636" /A This optional parameter allows you to define a Perl function that will be called during packet processing. PostProcessingHook is called for each reply immediately before it is sent to the client, after all PostAuthHooks and after log files are written. A reference to the current request is passed as the first arg ument, and a reference to the reply packet is passed as the second argument./P [... code is compiled ...] PostProcessingHook can be an arbitrarily complicated Perl function, that might run external processes, consult databases, change the contents of the current reply or many other things./P PRE CLASS="Code"A NAME="pgfId=398639" /A # Remove a faked attribute from the reply PostProcessingHook sub { ${$_[1]}-gt;delete_attr(`My-Realm');}/PRE diff -r -c Radiator-2.18/Radius/Handler.pm Radiator-2.18.postprocessinghook/Radius/Handler.pm *** Radiator-2.18/Radius/Handler.pmFri Mar 9 00:13:12 2001 --- Radiator-2.18.postprocessinghook/Radius/Handler.pm Mon Apr 9 20:26:51 2001 *** *** 116,121 --- 116,122 'SessionDatabase'= 'string', 'HandleAscendAccessEventRequest' = 'flag', 'PreProcessingHook' = 'hook', + 'PostProcessingHook' = 'hook', 'PreAuthHook'= 'hook', 'PostAuthHook' = 'hook', 'RewriteFunction'= 'hook') return 1; *** *** 506,511 --- 507,513 { my ($self, $p, $rp, $handled, $reason) = @_; + my $do_reply = 0; if ($p-code eq 'Access-Request') { my $name = $p-getUserName; *** *** 514,520 main::log($main::LOG_DEBUG, "Access accepted for $name"); $self-authlog($main::ACCEPT, '', $p, $rp); $rp-set_code('Access-Accept'); ! $p-{Client}-replyTo($rp, $p); } elsif ($handled == $main::REJECT || $handled == $main::REJECT_IMMEDIATE) --- 516,522 main::log($main::LOG_DEBUG, "Access accepted for $name"); $self-authlog($main::ACCEPT, '', $p, $rp); $rp-set_code('Access-Accept'); ! $do_reply = 1; } elsif ($handled == $main::REJECT || $handled == $main::REJECT_IMMEDIATE) *** *** 525,538 $rp-addAttrByNum($Radius::Radius::REPLY_MESSAGE, $self-{RejectHasReason} ? $reason : 'Request Denied'); ! ! $p-{Client}-replyTo($rp, $p); } elsif ($handled == $main::CHALLENGE) { main::log($main::LOG_DEBUG, "Access challenged for $name: $reason"); $rp-set_code('Access-Challenge'); ! $p-{Client}-replyTo($rp, $p); } else { --- 527,539 $rp-addAttrByNum($Radius::Radius::REPLY_MESSAGE, $self-{RejectHasReason} ? $reason : 'Request Denied'); ! $do_reply = 1; } elsif ($handled == $main::CHALLENGE) { main::log($main::LOG_DEBUG, "Access challenged for $name: $reason"); $rp-set_code('Access-Challenge'); ! $do_reply = 1; } else { *** *** 559,565 { main::log($main::LOG_DEBUG, "Accounting accepted"); $rp-set_code('Accounting-Response'); ! $p-{Client}-replyTo($rp, $p); } elsif ($handled == $main::IGNORE) { --- 560,566 { main::log($main::LOG_DEBUG, "Accounting accepted"); $rp-set_code('Accounting-Response'); ! $do_reply = 1; } elsif ($handled == $main::IGNORE) { *** *** 574,590 { main::log($main::LOG_DEBUG, "Disconnect-Request accepted"); $rp-set_code('Disconnect-Request-ACKed'); ! $p-{Client}-replyTo($rp, $p); } elsif ($handled == $main::REJECT || $handled == $main::REJECT_IMMEDIATE) { main::log($main::LOG_INFO, "Disconnect-Request rejected: $reason");
Re: (RADIATOR) Authenticating against an NT domain
when I start Radiator it errors claiming that Win32:RasAdmin is required. I can not find this as an installable package. Does any body know what i am doing wrong? The Win32:RasAdmin package is only necessary if you want to use the HonourDialinPermission switch in AuthBy NT. ActiveState released a Win32-RasAdmin package for the 5xx builds of ActivePerl but haven't got around to releasing a package for the 6xx builds. In the AuthNT.pm for version 2.17 the Win32::RasAdmin package is only required if you have HonourDialinPermission set in your config file (take a look at the keyword subroutine). I believe the patched 2.18 version would work the same way, so try removing HonourDialinPermission from your config file. You don't really need to use it anyway - creative use of handlers can give you the same functionality. hth, Ash Kent Network Security Engineer United Energy Australia. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) New PostProcessingHook
Hello Robert, Thanks again for another contribution. We have rolled it in for the next release. I agree with Hughs comments. If all you want to do is remove pseudo attributes from the reply, it might be better to use the request as a scratchpad area instead. Cheers. On Apr 10, 8:10am, Hugh Irvine wrote: Subject: Re: (RADIATOR) New PostProcessingHook Hello Robert - Thanks for the contribution. BTW - if you just want to use temporary storage that you wont have to do housekeeping on, you should just put things into the request packet ($p) instead of the reply packet ($rp). The request packet is simply discarded so you don't have to worry about it. regards Hugh At 20:47 +0200 01/4/9, Robert Kiessling wrote: Content-Type: text/plain; charset=us-ascii Content-Description: message body text Content-Transfer-Encoding: 7bit In order to remove some faked attributes, I would have found a PostProcessingHook useful, and added it since it wasn't there already. The patch against Radiator-2.18 is appended so that it might be considered for inclusion in the next release. The documentation for this: 6.15.x PostProcessingHook/H4 P CLASS="BodyAfterHead" A NAME="pgfId=398636" /A This optional parameter allows you to define a Perl function that will be called during packet processing. PostProcessingHook is called for each reply immediately before it is sent to the client, after all PostAuthHooks and after log files are written. A reference to the current request is passed as the first arg ument, and a reference to the reply packet is passed as the second argument./P [... code is compiled ...] PostProcessingHook can be an arbitrarily complicated Perl function, that might run external processes, consult databases, change the contents of the current reply or many other things./P PRE CLASS="Code"A NAME="pgfId=398639" /A # Remove a faked attribute from the reply PostProcessingHook sub { ${$_[1]}-gt;delete_attr(`My-Realm');}/PRE diff -r -c Radiator-2.18/Radius/Handler.pm Radiator-2.18.postprocessinghook/Radius/Handler.pm *** Radiator-2.18/Radius/Handler.pm Fri Mar 9 00:13:12 2001 --- Radiator-2.18.postprocessinghook/Radius/Handler.pm Mon Apr 9 20:26:51 2001 *** *** 116,121 --- 116,122 'SessionDatabase'= 'string', 'HandleAscendAccessEventRequest' = 'flag', 'PreProcessingHook' = 'hook', + 'PostProcessingHook' = 'hook', 'PreAuthHook'= 'hook', 'PostAuthHook' = 'hook', 'RewriteFunction'= 'hook') return 1; *** *** 506,511 --- 507,513 { my ($self, $p, $rp, $handled, $reason) = @_; + my $do_reply = 0; if ($p-code eq 'Access-Request') { my $name = $p-getUserName; *** *** 514,520 main::log($main::LOG_DEBUG, "Access accepted for $name"); $self-authlog($main::ACCEPT, '', $p, $rp); $rp-set_code('Access-Accept'); !$p-{Client}-replyTo($rp, $p); } elsif ($handled == $main::REJECT || $handled == $main::REJECT_IMMEDIATE) --- 516,522 main::log($main::LOG_DEBUG, "Access accepted for $name"); $self-authlog($main::ACCEPT, '', $p, $rp); $rp-set_code('Access-Accept'); !$do_reply = 1; } elsif ($handled == $main::REJECT || $handled == $main::REJECT_IMMEDIATE) *** *** 525,538 $rp-addAttrByNum($Radius::Radius::REPLY_MESSAGE, $self-{RejectHasReason} ? $reason : 'Request Denied'); ! !$p-{Client}-replyTo($rp, $p); } elsif ($handled == $main::CHALLENGE) { main::log($main::LOG_DEBUG, "Access challenged for $name: $reason"); $rp-set_code('Access-Challenge'); !$p-{Client}-replyTo($rp, $p); } else { --- 527,539 $rp-addAttrByNum($Radius::Radius::REPLY_MESSAGE, $self-{RejectHasReason} ? $reason : 'Request Denied'); !$do_reply = 1; } elsif ($handled == $main::CHALLENGE) { main::log($main::LOG_DEBUG, "Access challenged for $name: $reason"); $rp-set_code('Access-Challenge'); !$do_reply = 1; } else { *** *** 559,565 { main::log($main::LOG_DEBUG, "Accounting accepted"); $rp-set_code('Accounting-Response'); !$p-{Client}-replyTo($rp, $p); } elsif ($handled == $main::IGNORE) { --- 560,566 { main::log($main::LOG_DEBUG, "Accounting accepted"); $rp-set_code('Accounting-Response'); !$do_reply = 1; } elsif ($handled == $main::IGNORE) { *** *** 574,590 {
(RADIATOR) (Fwd) Cisco
--- Forwarded mail from [EMAIL PROTECTED] From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Cisco Date: Tue, 10 Apr 2001 10:50:51 -0500 Hi there got ur email from radiator mailng list , i was trying to split normal and isdn users so taht normal users cannot logon to isdn lines . for tha i added prottype attribute to my mysql database . was succesfull working with othere ras but cisco does not seemz to be sending port type it always sends 0 in 61 that is Async what may be the prob ? best regards Amit Hooja [ Attachment (text/x-vcard): "amithooja.vcf" 232 bytes Character set: us-ascii Card for [EMAIL PROTECTED] ] ---End of forwarded mail from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X Hi there got ur email from radiator mailng list , i was trying to split normal and isdn users so taht normal users cannot logon to isdn lines . for tha i added prottype attribute to my mysql database . was succesfull working with othere ras but cisco does not seemz to be sending port type it always sends 0 in 61 that is Async what may be the prob ? best regards Amit Hooja Transferred from mail from [EMAIL PROTECTED]: Card for [EMAIL PROTECTED]
(RADIATOR) Radiator 2.17.1 died w/errors. Why?
Hi everyone, Has anyone experienced these errors when running Radiator 2.17.1? I only started receiving these messages when I upgraded from 2.15 to 2.17.1. The errors are: 1) Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.xx.xxx. 2) DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. Thanks! Janet Original Message Subject: Your program exited Date: Tue, 10 Apr 2001 14:58:58 +1000 From: Super-User [EMAIL PROTECTED] To: [EMAIL PROTECTED] Your program /usr/bin/radiusd -foreground exited unexpectedly with exit status 2, signal number 0 and dump indication 0. The STDERR output was Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.51.52.50.48.57.56.57.50 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.51.52.52.55.50.48.51.55 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.9.49.56.53.53.51.51.48.57.56 DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.54.56.50.50.51.51.57.56 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.6.49.57.55.48.50.49 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.51.52.52.48.54.53.48.54 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.51.52.56.54.53.50.54.53 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.51.52.50.55.53.52.51.53 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.51.52.52.55.50.48.52.56 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.51.52.52.55.50.48.52.56 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.51.51.57.52.55.55.54.52 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.9.50.49.56.57.53.53.56.51.50 Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name doesn't exist: enterprises.429.4.2.1.140.1.2.8.53.49.53.55.55.53.57.53 DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. DBD::ODBC::db do failed: [OpenLink][ODBC][SQL Server]Line 1: Incorrect syntax near ','. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) at /usr/lib/perl5/site_perl/5.005/Radius/SqlDb.pm line 259. Error in packet Reason: (noSuchName) There is no such variable name in this MIB. This name