-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hey,
we start the radiusd in debugging mode and with the following line in
rc.local we now just get the loggin attempts into the radius.log:
tail -f /var/log/radius/radius_complete.log | grep --line-buffered \:\
Login /var/log/radius/radius.log
Hi
I am trying to create three groups of users. I want to
restrict access to functionality based on which group
the user is in. For this i need to get this group
information in the radius client also.
Is there some standard way of telling the
client that this user belongs to this group.If so
Is there some standard way of telling the
client that this user belongs to this group.If so how
do i set this on the radius server.
Several NASes support the Login-LAT-Group reply attribute for this purpose:
check with your NAS doc.
HTH,
Thibault
-
List info/subscribe/unsubscribe? See
Hi, i was following this thread bcoz are also interested in authenticate
computers by MAC address.
i have Freeradius up and running, based on
- Username
- Password
- Mac
now i followed the conversation, and tried the following in my users file.
DEFAULT Calling-Station-Id == macaddres
The patch did improve things, but is still isn't perfect. If I configure
my VISTA client to prompt me for my credentials the authentication works
and I get connected. If I configure my VISTA client to use my windows
login credentials (This is the default behavior) the Auth fails. For
some reason
Hello,
I Just move from OpenRadius to Freeradius and I couldn't find any
place to tell the accounting module to write the sql insert command
into a file if the MySQL server is not available.
I found a way to do it on the detail file, but not on a file to leave
all the INSERT querys for later
I'm getting a core dump with freeradius when I try to use Kerberos
authentication on a FreeBSD box running 6.1-Stable with an AMD64 platform.
I can run FreeRadius with Kerberos authentication on FreeBSD 6.1 Stable
with the i386 platform with no problems.
If you can point me in a direction to
Hi,
For some reason I'm getting slow response of access-reject when user uses
wrong passwords. I'm using MySQL and first I thought that the delay is due
to db, but if user password is ok im getting access-accept in 1.9ms. Where
if user pass is incorrect im getting access-rject only after 1
Hello all
I hope this question has been asked a dozen times before.
I have the following idea to a setup that I want to ask this is even
possible with a freeRadius server.
The scenario is multiple customers with their own windows domain servers
where I want to authenticate ciscp vpn clients
Hi,
The patch did improve things, but is still isn't perfect. If I configure
my VISTA client to prompt me for my credentials the authentication works
and I get connected. If I configure my VISTA client to use my windows
login credentials (This is the default behavior) the Auth fails. For
some
Wilmar Campos wrote:
Hello,
I Just move from OpenRadius to Freeradius and I couldn't find any
place to tell the accounting module to write the sql insert command
into a file if the MySQL server is not available.
rlm_sql_log. It's another module, rather than being part of rlm_sql,
but it
Alex M wrote:
Hi,
For some reason I’m getting slow response of access-reject when user
uses wrong passwords. I’m using MySQL and first I thought that the delay
is due to db, but if user password is ok im getting access-accept in
1.9ms. Where if user pass is incorrect im getting access-rject
Can you please give me an example how to use it?
Thanks,
WIlmar
On 11/30/06, Alan DeKok [EMAIL PROTECTED] wrote:
Wilmar Campos wrote:
Hello,
I Just move from OpenRadius to Freeradius and I couldn't find any
place to tell the accounting module to write the sql insert command
into a file if
Wilmar Campos wrote:
Can you please give me an example how to use it?
It has documentation, and comments in it's configuration, I believe.
Do you have specific questions?
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The
Hi all,
I'm trying to configure the server to use LDAP for authentication
And am finding the documentation to be less than straightforward.
We don't use openldap or eDirectory - which is what the docs are
Derived from. The information for FreeRADIUS and LDAP seems to
suggest that I need to
I Already found the documentation, thank you very much.
Wilmar
On 11/30/06, Alan DeKok [EMAIL PROTECTED] wrote:
Wilmar Campos wrote:
Can you please give me an example how to use it?
It has documentation, and comments in it's configuration, I believe.
Do you have specific questions?
hi all,
I'm trying to install FR onto a new box but am getting errors during
make. I using Linux debian 2.6.8-2-386.
./configure --with-openssl-libraries=/usr/local/ssl/include/openssl/
--with-rlm-perl-lib-dir=/usr/lib/perl/ --with-snmp=no
errors during make:
*** Warning: Linking the shared
On Fri, Dec 01, 2006 at 10:06:07AM +1100, Peter Param said:
hi all,
I'm trying to install FR onto a new box but am getting errors during
make. I using Linux debian 2.6.8-2-386.
./configure --with-openssl-libraries=/usr/local/ssl/include/openssl/
--with-rlm-perl-lib-dir=/usr/lib/perl/
ah yes. Thanks it worked.
[EMAIL PROTECTED] 12/01/06 11:21 AM
On Fri, Dec 01, 2006 at 10:06:07AM +1100, Peter Param said:
hi all,
I'm trying to install FR onto a new box but am getting errors during
make. I using Linux debian 2.6.8-2-386.
./configure
Hi,
How can I add default Reply-Message to the situation where Access-Reject was
sent because of incorrect password?
I looked at the user's file but it seams that I have no way to determine if
access-accept or reject was sent. it only has example how to send the
message to a reject group.
hi
does that mean that sending/receiving of the group
information would depend on the method used for auth
at the radius server ? say if the server is configured
for a unix authentication , then how can this info be
transmitted to radius client.
thanks
ganesh
--- Thibault Le Meur [EMAIL
Alex M wrote:
Hi,
How can I add default Reply-Message to the situation where Access-Reject
was sent because of incorrect password?
Are you sure you want to inform the user of the reason they are getting
rejected? Sounds like a nice way to help a brute-force attacker...?
Also have a look
22 matches
Mail list logo
