I noticed too, there is no scope in the ldap configuration. It's time
consuming for nothing.
I know what the DN is and found no way to avoid the search uid=xxx
There's some little improvements todo I think.
Tomasz Wolniewicz a crit :
I am using the groupmembership_attribute to add users to
Hello
I have a problem with a new installation of freeradius 1.0.1
running in Fedora Core 2
the freeradius was installed right from the original rpm. my old radius was
cistron but it diffiers
from freeradius to much.
In my setup Im authenticating from System or password files, in
Hi All
Is it possible to manage a session time with Data
base mysql an Freeradius?
For example, to limit for one user or UserGroupe
amax time ofconnexion (with connect and disconnect) of 12
hours.
In the case yes, howto do
that?
Thanks for all.
Stphane from
France...
Hi,
I notice the same problem. I think the problem is in src/mail/auth.c when
the failure is not passes to the postauth function. I wrote a little patch
to fix it.
The code in the CVS tree is changed and I think that some tests have been
moved to another module. I didn't try the CVS, so I
I understand that freeradius is based on RFCs and that changing some
attributes modifies the protocol. But in my case I want every radius packet
to have fixed User-Name and Password length (because my thesis
implementation says so!). All I asked is which files contain the code that
determine
Hi,
In clients.conf there is 127.0.0.1.
I give below clients.conf file --
# clients.conf - client configuration directives
#
# This file is included by default. To disable it,
you will need
# to modify the CLIENTS CONFIGURATION section of
radiusd.conf.
#
Andrea Gabellini wrote:
I notice the same problem. I think the problem is in src/mail/auth.c
when the failure is not passes to the postauth function. I wrote a little
patch to fix it.
In the section if (r != 0), there's a return RLM_MODULE_REJECT; statement,
which is why rad_postauth is never
ciao a tutti:help
dopo la fase di autorizzazione il freeradius da il seguente errore
freeradius:relocation error:usr/local/lib/rlm_eap_peap_1.0.1.so:undefined
symbol:eaptls_process
avete qualche consiglio o un aiuto da darmi
grazie
Nicolas Baradakis wrote:
The problem you ran into has exactly the same cause as bug #149 in
bugzilla. I'm going to write a patch which corrects both your problem
and bug #149 when I have some free time. I hope I can do this before
the 1.0.2 is released...
I submitted a patch as attachment to bug
On Tue, 30 Nov 2004, Tomasz Wolniewicz wrote:
I am using the groupmembership_attribute to add users to certain groups,
unfortunately rlm_ldap will always also run a subtree search using the
groupmembership_filter, which for my case is completely useless. From what I
see in the code, there seems to
On Tue, 30 Nov 2004, Stephane SALELLES wrote:
Hi All
Is it possible to manage a session time with Data base mysql an Freeradius?
For example, to limit for one user or UserGroupe a max time of connexion
(with connect and disconnect) of 12 hours.
In the case yes, how to do that?
Look at the
On Tue, 30 Nov 2004, LALOT Dominique wrote:
Hello,
I've changed ldap.attrmap to include:
checkItem Pool-Name supannaffectation
That item is case insensitive as an ldap search
1.
I have to check now all the values of suppannaffectation to see if it's case
sensitive. Is
On Tue, 30 Nov 2004, Yyc wrote:
hi all,
There are servral radius server and one accouting server.
if i want to do realtime accouting, what should i do?
radrelay can run as deamon? or use crontab to let radrelay run every x mins?
radrelay can run as a daemon. But since you only have one
Hello,
If the 'radutmp' and 'radutmp sradutmp' sections ar completely
commented, the radius server wouldn't start. If only the content of
these modules are commented then anyway, the logs are written to all
three files. Any other idea?
Edgars
Thor Spruyt wrote:
Edgars wrote:
can i disable the
Im trying to manage two different passwd files for 2 types of users which I
am distinguishing with a hint... Ive defined 2 passwd modules in
radiusd.conf (1 for each file): lets say Mac and Users.
But Im not able to set corresponding authentication types: when I put Mac
and Users in the
On Mon, Nov 29, 2004 at 08:53:30PM +0100, Thor Spruyt wrote:
Hi,
I have configured freeradius to check against a postgresql database and
when the user is valid, execute an external script. (which works fine)
I have configured freeradius to store authentication results in a
postgresql
Edgars wrote:
If the 'radutmp' and 'radutmp sradutmp' sections ar completely
commented, the radius server wouldn't start. If only the content of
these modules are commented then anyway, the logs are written to all
three files. Any other idea?
Providing debugging output might help in providing you
On Tue, Nov 30, 2004 at 11:22:39AM +, [EMAIL PROTECTED] wrote:
freeradius:relocation error:usr/local/lib/rlm_eap_peap_1.0.1.so:undefined
symbol:eaptls_process
I didn't understand the rest of the email, but this suggests your
libltdl is too recent, and the cross-module linking used in 1.0.1
Hi All
I have been able to successfully compile and run freeRADIUS in MAC OS X
10.3. When I do a software update and upgrade my OS from 10.3 to any
10.3.X, I cannot compile. It gives me a Error running the make command.
Included is the error.
**
Kostas Kalevras [EMAIL PROTECTED] wrote:
That value should be configurable at some point. It was selected
somewhat large so that radrelay didn't create problems to slow
radius servers when it started sending a large detail file.
It should instead send packets as fast as the server responds.
TJ Burbank [EMAIL PROTECTED] wrote:
When attempting to start the FreeRadius server in Debugging mode I
get unable to bind port to ip address 0.0.0.0:1812
It should tell you why.
i.e. here's another RADIUS server running.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Lim Han Shyong [EMAIL PROTECTED] wrote:
1. Now i only wish to allow some PC login based on
Calling-Station-Id. So how to build list for Calling-Station-Id, any
suggestion ?
A list to do what?
rlm_passwd can look through lists formatted like /etc/passwd.
2. Radius also
[EMAIL PROTECTED] wrote:
My problem is that I haven't defined a client 127.0.0.1 but the file
/var/log/radius/radacct/127.0.0.1/detail
exist and is growing with only Stop records coming from the NASes but with
0 Acct-Session-Time
See the clients file. FreeRADIUS also reads that.
And
Panagiotis Mavros [EMAIL PROTECTED] wrote:
I understand that freeradius is based on RFCs and that changing some
attributes modifies the protocol. But in my case I want every radius packet
to have fixed User-Name and Password length (because my thesis
implementation says so!).
I could ask
hi,
radrelay can run as a daemon. But since you only have one accounting
server i don't see a point in using it. radsqlrelay (bug #154) could be
helpful in your installation.
Must I modify radrelay source code to run it as a deamon?
I mean than every radius server record accouting packet in
=?iso-8859-1?Q?Beno=EEt_Bianchi?= [EMAIL PROTECTED] wrote:
But I'm not able to set corresponding authentication types: when I
put Mac and Users in the authenticate section of radiusd.conf, FR
doesn't start with message: passwd modules aren't allowed in
'authenticate' sections
Yes. The
Thor Spruyt wrote:
If you're not more specific about what you're trying to accomplish,
I'm afraid nobody can advise you.
Sorry I want to have the freeradius Accounting entry insert into 2
database at the same time.
Where the 1st DB is for log process and the 2nd DB is for some
Thor Spruyt wrote:
If you're not more specific about what you're trying to accomplish,
I'm afraid nobody can advise you.
Sorry I want to have the freeradius Accounting entry insert into 2
database at the same time.
Where the 1st DB is for log process and the 2nd DB is for some
On Tue, 30 Nov 2004, Yyc wrote:
hi,
radrelay can run as a daemon. But since you only have one accounting server
i don't see a point in using it. radsqlrelay (bug #154) could be helpful in
your installation.
Must I modify radrelay source code to run it as a deamon?
No, it already does that by
hello
I compile freeradius 1.0.1 without problem on trustix linux system :
I run the command
#CFLAGS=-I/usr/include/etc .
configure for the problem of com_err.h
#make
#make install
but when I run the server radius :
is it possible in some way to keep the NAS ip address in for of DNS name
in the postgresql DB? i can add the DNS name to the 'nas' table but how
will freeradius respond to this - will it automatically resolve it to IP
address? It's all necessary in case of dynamic IPs..
Edgars
-
List
Hello,
I have a problem, when I insert user and psw in
a client, there is an error, this is the log on
the display of server. The freeradius is running
in debug by freeradius -x
rad_recv: Access-Request packet from host
151.97.9.51:1246, id=4, length=126
User-Name = pippo
On Tue, 30 Nov 2004, Panagiotis Mavros wrote:
Sorry to bother you but it seems that i havent make my self clear about
what i want to do. User-Name and Password attributes MUST be EXACT 15 and 32
octets long(15 for username and 32 for pass). If radius receives a different
attribute length , it
Hello all, I am new to the list and new to Radius. Radius was set up prior
to me. I am sure I will get a lot of help from here when the docs are not
specific to my issue.
I am using Sun One DS 5.2 as my authentication source and freeradius-0.8-1
on RH Linux. I did not extend the schema to
I have EAP/TTLS implemented by doing the inner authentication against the
local system. (That's the way it works right now). However, I would like to
implement this by allowing differentiation of users, that is doing the inner
authentication against two different files (most likely MD5).
Is
Da man e posibil...
SI eu am cautat in documentatie o gramada :
Pui as A:
Simultaneous-Use := 1
Asta in tabela : radgroupcheck.
Si pui la grupul tau variabila asta.
On Tue, Nov 30, 2004 at 06:30:09PM +0200, Samareanu Florin wrote:
is there any way to prevent multiple logins for 1
You want to write that in chinese too?
On Tue, 30 Nov 2004 22:47:14 +
Mihai Barbulescu [EMAIL PROTECTED] wrote:
Da man e posibil...
SI eu am cautat in documentatie o gramada :
Pui as A:
Simultaneous-Use := 1
Asta in tabela : radgroupcheck.
Si pui la grupul tau variabila
Can anyone help me track down this segmentation fault when running
radius -X?
I have gone through all the config files and cannot find any cause. Must be
overlooking something somewhere.
Below is the output from gdb.
(gdb) bt
#0 0x4006d112 in lt_dlsym (handle=0x81522d0, symbol=0x8150890
On Tue, 30 Nov 2004, Wesley Joyce wrote:
Hello all, I am new to the list and new to Radius. Radius was set up prior
to me. I am sure I will get a lot of help from here when the docs are not
specific to my issue.
I am using Sun One DS 5.2 as my authentication source and freeradius-0.8-1 on
RH
On Tue, 30 Nov 2004 [EMAIL PROTECTED] wrote:
Hi all,
I am new to freeradius-users-lists, however, what I need to know is how to
set
the Expiration time for dialup-users with reference to the users
AcctStartTime
(i.e. Account First Login).
Can someone be of help?
Read doc/rlm_expiration (in
On Tue, 30 Nov 2004, [iso-8859-1] St?phane SALELLES wrote:
Thanks
But ..
I try to install rlm_sqlcounter but when I execute radiusd I've this message
after Module : Intantiated expr (expr) :
Error of Segmentation.
Probably segmentation fault. Though i told you rlm_counter, not
rlm_sqlcounter.
On Tue, 30 Nov 2004, Edgars wrote:
is it possible in some way to keep the NAS ip address in for of DNS name in
the postgresql DB? i can add the DNS name to the 'nas' table but how will
freeradius respond to this - will it automatically resolve it to IP address?
It's all necessary in case of
Nick Marino [EMAIL PROTECTED] wrote:
Can anyone help me track down this segmentation fault when running
radius -X?
It's the libltdl code. Have I mentioned I hate it?
The short solution is to build the server statically.
Alan DeKo.
-
List info/subscribe/unsubscribe? See
Panagiotis Mavros [EMAIL PROTECTED] wrote:
Sorry to bother you but it seems that i havent make my self clear about
what i want to do.
Details help a lot. So far, you've been resisting providing details.
User-Name and Password attributes MUST be EXACT 15 and 32 octets
long(15 for
Ivan D. Barrera [EMAIL PROTECTED] wrote:
Is there a way to configure Freeradius to authenticate users using different
passwd/shadow files to differentiate service by using different SSIDs?
Yes.
I assume I can have two similar users:
anonymous cisco_avpair==ssid=1
Service-Type =
Nick Marino - IT Solutions
- Original Message -
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, November 30, 2004 4:48 PM
Subject: [radius] Re: Segmentation Fault - gdb output
Nick Marino [EMAIL PROTECTED] wrote:
Can anyone help me track down this segmentation
Hi,
Is there a way to disconnect an active session with module sqlcounter if it
reaches it's maximum usage time?
Omar
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Tue, 30 Nov 2004, Omar Armas wrote:
Hi,
Is there a way to disconnect an active session with module sqlcounter if it
reaches it's maximum usage time?
counter/sqlcounter send back a Session-Timeout attribute containing the allowed
time online on user authentication. So the nas should disconnect
Well,
made a link to the 'as' file to where gcc is expecting it to be, changed the
permissions so it was executable, now the error is:
This
file contains any messages produced by compilers whilerunning configure, to
aid debugging if configure makes a mistake.
configure:746: checking for
I
think I may have found the problem. My Solaris install is the SUNWCuser cluster
which I don't think include the developer packages. Apparently these are needed
by gcc. I'll reinstall including all of the developer packages and see how it
goes.
Thanks
for your help anyway.
Lyle,
'as' is the GNU assembler and the version I am using came
from SFWgbin which is the GNU binutils.
Andrew.
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Cameron, Lyle KSent: Wednesday, 1 December 2004 1:07
PMTo: [EMAIL PROTECTED]Subject: RE:
Problems with
Ok would be possible to get some instruction on how to build it staticly, I
have looked through 14763 emails in this list that I have on my computer and
can find no reference and I have looked through the faq and all the docs I
could find in the FR source folder..
I tried what was in the faq
Hi,
I am currently running freeradius 0.8.1 with LDAP as backend. It works fine.
I need to upgrade to a later version because I need some features regarding
Autz.
Certain users have some Cisco ACLs associated in the LDAP tree that are send
to the NAS via Cisco-AVPair attribute. The ACLs have
Sorry, you are right, gcc uses the /usr/css/bin/as which is
from SUNWsprot on my machine.
Andrew.
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Andrew
MilneSent: Wednesday, 1 December 2004 1:47 PMTo:
'[EMAIL PROTECTED]'Subject: RE: Problems with
'configure' during
Juan Manuel Garcia Carral :
[skip]
I read the mail archive and found similar problems in threads:
about duplicated attribute in freeradius
Multiple cisco-avpair entries
where is referenced the use of += operator, which works fine if you are
adding the VSA attributes from the user files, but I am
55 matches
Mail list logo