I'm afraid I can't find where the relevant is. can you explain that
furthermore?
Actually, I have tried to compile that at two PCs with different versions of
redhat, 7.3 and 9.0.
At the redhat 7.3, I chose Full install, and I chose Minimal install at
the other.
I found out the eap-sim module can
Hi list,
I'm using freeradius 0.9.1 (into RH 7.2 box) to
account and validate my own web users,
andI would ask a question:
How can my users change their password without
editing manually users file ??
I'm not an Radius expert, so, Are there some
request RADIUS standardpacket to
do this ??
Hello list,
I'm running freeradius-0.9.3 with openldap auth, and it's working nicely.
However, when I try to limit groups to certain times, I find that users
are still able to log in when they should be blocked.
My ldap records have a rategroupid field, which is mapped to Ldap-Group.
My users
You can search on the registry for EAPOL.
Delete all the entrys and reauthenticate.
lguido
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of BLANCA FERRERO RODRIGUEZ
Sent: Friday, May 28, 2004 14:20
To: [EMAIL PROTECTED]
Subject: Re: how to change
DEFAULT Ldap-Group == sundayonly, Login-Time = 2000-0500,
Auth-Type := LDAP
Fall-Through = Yes
I believe you want a Login-Time attribute like this: Al2000-0500 for
all days of the week between 20:00 and 5:00.
Hope that helps,
Keith Yoder
-
List info/subscribe/unsubscribe? See
Gavin White escreveu:
DEFAULT Ldap-Group == sundayonly, Login-Time = 2000-0500,
Auth-Type := LDAP
Fall-Through = Yes
Okay, looking at this more closely I think you need to use the :=
operator because this is a check item.
Try Login-Time := Al2000-0500
Keith Yoder
-
List
baffy200y [EMAIL PROTECTED] wrote:
1.Checking users file
If the User-Name is found,check the User-Password.
The server can't do that. The authorize section doesn't do any
authentication.
I would re-write your request as:
1.Checking users file
If the User-Name is not found, go to
Ruslan A Dautkhanov [EMAIL PROTECTED] wrote:
For unconditional change Nas-IP-Address to Client-IP-Address
Why?
attr_rewrite set_real_nas_ip {
attribute = NAS-IP-Address
searchin = packet
searchfor = ^.*$
replacewith
Spencer Stapleton [EMAIL PROTECTED] wrote:
I can't figure out the regex syntax used in attr_rewrite, and am
unable to find any useful docs pertaining to this anywhere
$ man regex
The regex engine used is whatever is already on your machine.
I noticed that the debug line has dropped the
Juan [EMAIL PROTECTED] wrote:
i have read configurable_failover for three times but i can not do
that freeradius failover with ippool. I have two pools that i want
to use then for all my users. I need that freradius start to asign
IPs from the second Pool whe the first is full. I do not known
On Sunday 30 May 2004 14:07, Gary McKinney wrote:
Hmmm -
The logic of the request does not really make much sense... If the
FreeRadius
server is responding to the NAS but the mysql server back-end is not
responding
that does not mean the radius server is broken...
I would think you could
Fredrik Ohrn [EMAIL PROTECTED] wrote:
Initially I had some trouble getting ntlm_auth accepting the username
given to it (on the form domain\\username). I ended upp writing a small
script that chopped of the domain\\ part before sending it to ntlm_auth,
also had to add --domain=mydomain to the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 05 November 2003 14:27, David Cadenas wrote:
Hi everybody,
I have a problem with the loading of the driver rlm_sql_postgresql.
I have added sql to the list in authorize section of the radiusd.conf,
between suffix and files.
When the
DEFAULT Ldap-Group == sundayonly, Login-Time = 2000-0500,
Auth-Type := LDAP
Fall-Through = Yes
Okay, looking at this more closely I think you need to use the :=
operator because this is a check item.
Try Login-Time := Al2000-0500
Keith Yoder
Reply-Message = You are calling outside
Hello.
Latest version of the FR doesn't work under Debian GNU/Linux when NPTL
used. I have the next configuration:
NAS, FR, MySql to store all attributes. RADGROUPREPLY table contain:
Exec-Program-Wait := /etc/freeradius/webadmin/webadmin-auth
This script used for authenificate users instead
Sergei Golod [EMAIL PROTECTED] wrote:
Latest version of the FR doesn't work under Debian GNU/Linux when NPTL
used.
It looks like the NPTL implementation of semaphores has problems.
The server uses a number of semaphores internally. From what I can
see of the debug log, the Exec-Program
RedHat 9 and Fedora Core both use NPTL threading. I've never seen any
problems like this, and I use FC1 as my production RADIUS server OS.
The only exec-program stuff I've used is the ntlm_auth portion of the
mschap module, and I've never had any problems with it. Perhaps it is
even
Gavin White [EMAIL PROTECTED] wrote:
The faq at http://www.freeradius.org/faq/#5.3 has the '=' syntax. I've
cc'd the maintainer.
Fixed, thanks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Mon, May 31, 2004 at 11:17:59AM -0500, Michael Griego wrote:
RedHat 9 and Fedora Core both use NPTL threading. I've never seen any
problems like this, and I use FC1 as my production RADIUS server OS.
The only exec-program stuff I've used is the ntlm_auth portion of the
mschap module, and
Ladies and gentlemen,
We are proud to announce that the 1.0.0 release cycle for FreeRADIUS is
entering its final stages. The first pre-release wide-area-test tarball
is on the FreeRADIUS website: http://www.freeradius.org/
You can also download the tarball itself directly below:
Dusty,
Thanks. I spent some time working at it from the LDAP angle and it
still fails with the ldapsearch. I will do some more reading/research
to get that working first, then if I have problems getting it work
with FreeRADIUS, I will get back with you all. (If you have some good
recommendations
We are proud to announce that the 1.0.0 release cycle for FreeRADIUS is
entering its final stages. The first pre-release wide-area-test tarball
is on the FreeRADIUS website: http://www.freeradius.org/
Congratulations, I have several questions:
1. why is the option --with-large-files no by
I noticed that the debug line has dropped the regex '$'
end-of-string character, so I tried escaping it, but to no avail:
One '\' does nothing to the debug output, whilst two '\\' gives:
It's a bug in 0.9.3. The latest CVS snapshot should have it fixed.
Thanks, I can also confirm that
On Monday 31 May 2004 16:58, jesk wrote:
On Sunday 30 May 2004 14:07, Gary McKinney wrote:
Hmmm -
The logic of the request does not really make much sense... If the
FreeRadius
server is responding to the NAS but the mysql server back-end is not
responding
that does not mean the
On Tuesday 01 June 2004 00:41, jesk wrote:
On Monday 31 May 2004 16:58, jesk wrote:
On Sunday 30 May 2004 14:07, Gary McKinney wrote:
Hmmm -
The logic of the request does not really make much sense... If the
FreeRadius
server is responding to the NAS but the mysql server back-end
Damjan [EMAIL PROTECTED] wrote:
1. why is the option --with-large-files no by default? Are there
any shortcommings?
No. It's just that most people won't need it.
2. Why is the option --with-udpfromto no by default? The way I
understand it this should be on.
The new listen directive
Try chaning to using rlm_exec, and if that fixes the problem, then the
issue is near _that_ semaphore, and the best solution may be to either
find out what NPTL's doing differently (signal handling I suspect) and
fix/work-around it, or just deprecate Exec-Program-Wait after 1.0.0.
Already
Just exec-program or exec-program-WAIT? What version of libc6 used in FC1?
Sergei.
- Original Message -
From: Michael Griego [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, May 31, 2004 10:17 PM
Subject: Re: Latest freeradius and NPTL fail
RedHat 9 and Fedora Core both use NPTL
Hi,
I am using EAP authentication protocol. When I send an access request
from the NAS to the Radius Server, the server rejects the request.
Please let me know how to resolve this problem. The log messages of the
radius server are as follows:
Log Messages:
rad_recv: Access-Request packet from
29 matches
Mail list logo