try putting it in radgroupcheck and usergroup should assign a group to
each user.
that's how i use it with mysql
ciao
artur
[EMAIL PROTECTED] wrote:
Hi,
I'm currently configuring a Freeradius 0.9.1 with EAP-TLS support and
Postgresql.
If I put in 'users' file
DEFAULT Auth-Type := EAP
i know what you want to do :-)
but alan is right. don't set EAP manually. rather do the following:
- let the EAP module in the authorization section. put the sql module in
the authorization section as well.
- create an sql group with Auth-Type := Reject.
- create an sql group with Auth-Type
[EMAIL PROTECTED] wrote:
Don't set 'Auth-Type := EAP' *anywhere*. It's automatically set by
the EAP module.
I've set it in the radgroupcheck as this :
What part of Don't set it anywhere did you not understand?
rlm_eap: EAP-Message not found
because
On Sun, Sep 14, 2003 at 10:28:25AM -0400, Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
Don't set 'Auth-Type := EAP' *anywhere*. It's automatically set by
the EAP module.
I've set it in the radgroupcheck as this :
What part of Don't set it anywhere did you not understand?
[EMAIL PROTECTED] wrote:
Do you mean that's impossible to forbids someone to log in
if he holds a valid certificate ?
No.
If authorize don't set EAP,
EAP will not be called in authenticate.
Yes.
That's exactly what I want, I want sql to authorize and
On Sun, Sep 14, 2003 at 02:46:28PM -0400, Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
You obviously didnt' read any of my earlier messages. I said you
didn't have to set Auth-Type to EAP. The EAP module will do it for
you.
ok, it'll do it only if I use EAP in authorize, which I
Hi,
I'm currently configuring a Freeradius 0.9.1 with EAP-TLS support and
Postgresql.
If I put in 'users' file
DEFAULT Auth-Type := EAP
Everything works find, but if someone gets a certificate he can logs in.
I want to permit only user using postgresql. What should I put into radcheck,
[EMAIL PROTECTED] wrote:
I'm currently configuring a Freeradius 0.9.1 with EAP-TLS support and
Postgresql.
That won't work.
Everything works find, but if someone gets a certificate he can logs in.
That's what EAP-TLS is supposed to do.
(I don't know If I should put Auth-Type here)
On Sat, Sep 13, 2003 at 06:37:03PM -0400, Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
I'm currently configuring a Freeradius 0.9.1 with EAP-TLS support and
Postgresql.
That won't work.
Everything works find, but if someone gets a certificate he can logs in.
That's what EAP-TLS is