return something stored in ldap to Nas via radius

hi all i'm here again sorry for boring you.i'm now use freeradius and openldap to implement auth .i found that return of radius is through a function named "ldap_pairget",the function use "ldap.attrmap" to look for valid attribute in ldap and added it to request->reply->vps,but my problem is

Re: re:

Just about any OS can us CHAP. It is a standard. Forgive me if any of the following is wrong, but it should be enough to explain the difference between CHAP/PAP. PAP: Plain-test Authentication Protocol The password is set from the dialup computer to the NAS in Plain-text. It is the sent to the r

Re: freeradius & mysql tables

id = automatic UserName = put in a username Attribute = the name of the attribute you are adding, typically "Password"? Value = depends on the attribute op = not needed, can be NULL, unless you need to do special things   Example:   insert into radcheck (UserName, Attribute, Value) values ("t

Re: dial_up admin question

whats dial_up admin? where can I get more info on it? - Original Message - From: "Peter Santiago" <[EMAIL PROTECTED]> To: "Freeradius-Users@Lists. Cistron. Nl" <[EMAIL PROTECTED]> Sent: Friday, April 05, 2002 11:23 AM Subject: dial_up admin question > I'm using a mysql database. I crea

freeradius & mysql tables

I have freeradius   0.5, and I dont know, how do I fill the radcheck table? there are collumns I don't know what they are.. can someone clue me in?  

re:

If i can't see the passwords that means i have half the knowledge to trouble shoot customers Login problems. Which isn't goodany idea which OS use CHAP passwords. thanks iq - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: How can I test the server?

There should be a radtest program. Look into that. Andrew Tait System Administrator Country NetLink Pty, Ltd E-Mail: [EMAIL PROTECTED] WWW: http://www.cnl.com.au 30 Bank St Cobram, VIC 3644, Australia Ph: +61 (03) 58 711 000 Fax: +61 (03) 58 711 874 "It's the smell! If there is such a thing." Ag

RE: Configuring Free Radius to do MAC Address Authentication

What format are you entering the MAC username in? You cannot use xx:yy:zz:11:22:33 you will have to change it to: xxyyzz-112233 -Original Message- From: David Petruzzella [mailto:[EMAIL PROTECTED]] Sent: Monday, April 08, 2002 7:32 PM To: [EMAIL PROTECTED] Subject: Re: Configuring Free R

How can I test the server?

I have installed and run the server ,but by using which tools can I test whether the server is running well? thanks~~ _ Ãâ·ÑÏÂÔØ MSN Explorer£ºhttp://explorer.msn.com/lccn/intl.asp¡£ - List info/subscribe/unsubscribe? See http:/

Re: Configuring Free Radius to do MAC Address Authentication

Please disregard a portion of my e-mail in regards to which mac address would I put for the access point. I believe the ip of the nas you are referring to the ip of the access point. Corretc? _ MSN Photos is the easiest way to s

freeradius-users@lists.cistron.nl

Hi everyone, in my radius.log file, some of my customers come in as userxyz, now how can i see their passwords as i need to trouble shoot some time. thanx iq - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, April 09, 2002 7:51 AM Su

Re:

"freeradlist@GoldenIT" <[EMAIL PROTECTED]> wrote: >in my radius.log file, some of my customers come in as > userxyz, > now how can i see their passwords as i need to trouble shoot some time. You can't. You only have the CHAP password, as it says. You don't have the clear-

Re: Configuring Free Radius to do MAC Address Authentication

Do you use your passwd file in unix or the users file in raddb? I try using my passwd file in linux, I keep getting invalid user when I use that format using any type of adduser utility. I could add it manually to the passwd file, but I just wanna be sure the system will recognize it and actu

Re: Freeradius with NT4 (not recording octets)

Thank you for your quick reply However I am very new to the radius concept, snip "Turn on extended logging and send a log for Accounting packet." What does this mean?, do I do this from the Radius Client or Server? Thanks Again Rhys - Original Message - From: "3APA3A" <[EMAIL PROTE

Re: freeradius troubles with cisco access point

David Wong wrote: > > can anybody verify if freeradius works with cisco's > 350 series wireless access point? and if not, can Yes. It works for me even for EAP-MD5 & EAP-TLS. -Raghu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

RE: FreeRADIUS and PAM

> "McNutt, Justin M." <[EMAIL PROTECTED]> wrote: > > So my original question, slightly reworded, is "If PAM is able to > > authenticate me correctly, which it does, why does FreeRADIUS still > > return a reject unless there is a local account?" This > would seem to be > > a function of what Free

Re: FreeRADIUS and PAM

Justin, On Mon, Apr 08, 2002 at 04:34:39PM -0400, Alan DeKok wrote: > "McNutt, Justin M." <[EMAIL PROTECTED]> wrote: > > So my original question, slightly reworded, is "If PAM is able to > > authenticate me correctly, which it does, why does FreeRADIUS still > > return a reject unless there is a

Re: FreeRADIUS and PAM

"McNutt, Justin M." <[EMAIL PROTECTED]> wrote: > So my original question, slightly reworded, is "If PAM is able to > authenticate me correctly, which it does, why does FreeRADIUS still > return a reject unless there is a local account?" This would seem to be > a function of what FreeRADIUS reques

Re: freeradius and mysql

Alan DeKok wrote: > > Artur Hecker <[EMAIL PROTECTED]> wrote: > > i don't use sql and it doesn't work either. the files are the > > aquivalents of the system-wide utmp, wtmp, etc. files, if i'm not > > completely wrong. > > SQL accounting is NOT the equivalent of utmp/wmtp. Even utmp/wmtp >

Re: FreeRadius 0.5 with mysql 3.22.32

"Tsui Kai Ho Kyo" <[EMAIL PROTECTED]> wrote: > I had configured my free-radius 0.5 on redhat 6.2 linux server. > I run the server by using "./radiusd -xxyz -l stdout" > The problem is that my dial up users got "Error 5: access denied", > however, the standard output shown things ok.. Uh, no. Y

Re: Core dump when user is in group (msyql)

"Veli-Matti Riepula" <[EMAIL PROTECTED]> wrote: > I have a RH7.2 box running on standard kernel with FR 0.5 and mysql 3.23.40. > When I try to authenticate a user that is mapped into any group in usergroup > table, I get a core dump. Can you read 'doc/bugs', and post the relevant information to

Re: how does detail file works.

"freeradlist@GoldenIT" <[EMAIL PROTECTED]> wrote: >I am new to free radius. It is working fine for me. I > was just wondering how does "detail file > (/usr/local/var/log/radius/radaact/ip/detail)" works in free radius. I mean > does it gives us stats on daily basis or weekl

RE: freeradius port

Not sure if there are other implications or not, but I did a quick test of: 1) ran radiusd.init start 2) radiusd -p 1645 First command runs the normal init script and starts radius on port 1812 Second command runs the radiusd executable with the port flag -p to specify port 1645 (it still reads

Re: Pb configuring EAP/MD5 auth with Orinoco AP1000

> EAP-Message = "\002\004\000\r\001portable" > modcall: group authenticate returns ok > radius_xlat: 'Coucou Mathieu' > Sending Access-Challenge of id 4 to 134.214.79.172:192 > User-Name = "portable" > User-Password = "portable" > Reply-Message = "Coucou Mathieu" > EAP-Message = > "\001\004\000

freeradius troubles with cisco access point

can anybody verify if freeradius works with cisco's 350 series wireless access point? and if not, can anyone recommend a radius server that does work with that access point (besides cisco's radius server)? thanks in advance. __ Do You Yahoo!? Yaho

Re: FreeRadius 0.5 and Debian 3.0

On Mon, 2002-04-08 at 09:30, Chad Miller wrote: > > Matthew's right. The rate of development makes it awfully hard to plan > releases. IMO, FreeRADIUS needs a "stable" branch that is pushed towards > 1.0, instead of the whole tree being in a perpetual alpha-state. That > means no EAP, no Pyt

Re: freeradius and mysql

> I have a patch sitting somewhere which adds the ability for SQL to > do Simultaneous-Use checks, that might help. If you can dig up that patch and post it, I will greatly appreciate it. So other than Simultaneous-Use, what else do the tmp files do for me? I'm just trying to see if I need to g

Re: odd error since switching to an L2TP config

John <[EMAIL PROTECTED]> wrote: > Since we've switched to the L2TP config, we now see an odd thing when people > are logging in with a '[EMAIL PROTECTED]' username. If they login with > '[EMAIL PROTECTED]' we see something like: > > Sun Apr 7 13:02:12 2002 : Auth: Login incorrect: [realm.com/ci

Re: freeradius port

"yoav" <[EMAIL PROTECTED]> wrote: > is it possible to tell radiusd to run on more than one port? Right now, no. > if not,any idea? Change the code in the server, src/main/radiusd.c Patches are always welcome. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.o

Re: freeradius and mysql

Artur Hecker <[EMAIL PROTECTED]> wrote: > i don't use sql and it doesn't work either. the files are the > aquivalents of the system-wide utmp, wtmp, etc. files, if i'm not > completely wrong. SQL accounting is NOT the equivalent of utmp/wmtp. Even utmp/wmtp are not equivalent. They have diffe

Re: FreeRadius 0.5 and Debian 3.0

> From: "Andrew Tait" <[EMAIL PROTECTED]> > Subject: FreeRadius 0.5 and Debian 3.0 > Date: Mon, 8 Apr 2002 15:34:20 +1000 > > The radiusd-freeradius packages have been REMOVED from Debian testing/woody, > because of the severe bugs > (http://bugs.debian.org/cgi-bin/pkgreport.cgi?src=radiusd-freer

Re: Weird accouting entry

Edgard Castro <[EMAIL PROTECTED]> wrote: > See? I just got that error because I have a program that process the detail > to import to a database. Anyone got that before? Nope. Are you sure your script isn't breaking things? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.fre

Re: FreeRADIUS and PAM

"McNutt, Justin M." <[EMAIL PROTECTED]> wrote: > > PAM does username/password authentication, nothing else. > > Not so. PAM can provide several different authorization functions as > well. ... and for authentication, it does username/password (or equivalents) > I figured this one out. Fre

RE: FreeRADIUS and PAM

> "McNutt, Justin M." <[EMAIL PROTECTED]> wrote: > > > PAM does username/password authentication, nothing else. > > > > Not so. PAM can provide several different authorization > functions as > > well. > > ... and for authentication, it does username/password (or > equivalents) But RADIUS

Error on frontios.com Mysql note - fixed

RE: http://www.frontios.com/freeradius.html Yep... as various people noted there was a rather glaring typo on the last note (re: 0.5 and dropping 'sql' from the authenticate section of radiusd.conf). It initially said 'authorize' and not 'authenticate'. Oops. Forest for trees and all that jazz

Weird accouting entry

Fellas, Something strange happened this weekend, we had a syslog entry into the detail file, here: [root@nfs2 auth01]# cat radacct_detail-20020404.log radacct_detail-20020405.log radacct_detail-20020406.log radacct_detail-20020407.log | grep "configuration" radiusd: Starting - reading configurat

RE: FreeRADIUS and PAM

> "McNutt, Justin M." <[EMAIL PROTECTED]> wrote: > > 1) FreeRADIUS refuses to authenticate any user who does > not have an = > > account on the local workstation. > > That's most likely the fault of PAM, if the user is trying to log > into the box. The user is not trying to log into the box.

Re: FreeRadius 0.5 and Debian 3.0

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Monday 08 April 2002 12:20, you wrote: > Yikes, not good. I mananged to build a cvs-snapshot after > a fair amount of mucking around but I'm not sure I'd want > to run the end result :) FWIW... my notes on how... oh my...I haven't built any of the

Re: Freeradius with NT4 (not recording octets)

Dear Rhys (Gallamda), I really surprised RRAS from NT4 supports RADIUS. Turn on extended logging and send a log for Accounting packet. --Monday, April 8, 2002, 1:41:36 PM, you wrote to [EMAIL PROTECTED]: RG> Hello, RG> I have Freeradius 4 running on Mandrake, RG> I have an NT4 box loaded wit

Re: return of freeradius

On Mon, 8 Apr 2002 [EMAIL PROTECTED] wrote: > hi all >i read the doc "Simultaneous-Use" but i got confused.the "users" file looks like > ** > DEFAULT Auth-Type := LDAP ,Simultaneous-Use := 1 > Fall-Through = 1 > *

Re: IP POOL

On Mon, 8 Apr 2002, Jacobo [iso-8859-1] González Simón wrote: > Thanks for your reply but i don`t undestand you. > > I haven´t rlm_ippool module. > > Kostas Kalevras escribió: > > > > > Try the rlm_ippool module. It will do your job just fine. Check out the > > comments in radiusd.conf. > > rlm_

Re: error when using freeradius with mysl authentication

It works now. Thank you! Dirk - Original Message - From: "tywe" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, April 06, 2002 12:16 AM Subject: Re: error when using freeradius with mysl authentication > Hello, > > That website you visited seems to be wrong. I had the sa

Re: FreeRadius 0.5 and Debian 3.0

e debian package is outdated > (0.4) ... Yikes, not good. I mananged to build a cvs-snapshot after a fair amount of mucking around but I'm not sure I'd want to run the end result :) FWIW... my notes on how... wget ftp://ftp.freeradius.org/pub/radius/CVS-snapshots/freeradius-snap

Re: IP POOL

Thanks for your reply but i don`t undestand you. I haven´t rlm_ippool module. Kostas Kalevras escribió: > > Try the rlm_ippool module. It will do your job just fine. Check out the > comments in radiusd.conf. rlm_counter module and do s/counter/ippool. ?? Where do i copy Makefile

Freeradius with NT4 (not recording octets)

Hello,   I have Freeradius 4 running on Mandrake,   I have an NT4 box loaded with RRAS (radius client)   The authentication & logging works fine except it shows 0 bytes always   Does anyone know of a workaround for this?   Thanks Heaps   Rhys

why 'sql' is not allowed in authentication section

I follow the instruction given by http:///www.frontios.com/freeradius.html and add 'sql' in the authentacation section. But when I restart the radiusd, I am told that SQL modules aren't allowed in 'authenticate' section--they have no such method. Thanks for your helpŠËbú?²æìr¸›{û§²æìr¸›y'ž†

why 'sql' is not supported in Authentication method?

I follow the instruction given by http:///www.frontios.com/freeradius.html and add 'sql' in the authentacation section. But when I restart the radiusd, I am told that SQL modules aren't allowed in 'authenticate' section--they have no such method. Thanks for your help!.+-Šwèþ˛±ÊâmïîžË›±Êâmäžz

why 'sql' is not allowed in authentication section/

I follow the instruction given by http:///www.frontios.com/freeradius.html and add 'sql' in the authentacation section. But when I restart the radiusd, I am told that SQL modules aren't allowed in 'authenticate' section--they have no such method. Thanks for your help!.+-Šwèþ˛±ÊâmïîžË›±Êâmäžz

Re: return of freeradius

There is a file called ldap.attrmap in the raddb directory. Have a look at it. This file defines the mapping between ldap attributes and the items which you want to return. [EMAIL PROTECTED] wrote: > hi all >i'm now working with freeradius.4 and openldap2.23,i want to return someting su

Re: rlm_sql_postgresql problem in FR 0.5+

Hello Timophey, Friday, April 05, 2002, 4:16:42 PM, you wrote: T> Hi all. T> I faced with a problem on FR 0.5: T> when using FR 0.4 I have my a single record for both Start and STOP T> accounting requests. T> Since I have changed to FR 0.5 my accounting records double with stop of the T> sessi