Hi Michael,
I have setup the "chillispot"+"freeRadius"+"Win2k3AD" for my wireless
network. Everything is working but the AD authentication. Apparently the
reason not working is because AD does not like the CHAP authentication
and AD likes MS-CHAP. I do not know how to configure and where to
con
Sam Schultz wrote:
radiusd.conf, authorize block:
Autz-Type SQL-BOGUS {
sql-bogus
}
radiusd.conf, authenticate block:
Auth-Type SQL-BOGUS {
sql-bogus
}
Both of these are incomplete.
The latter is almost certainly not valid
TZieleniewski wrote:
the authorize section is the section which defines procedures
responsible for granting a user an access to specific type of service.
For instance if we use sql or files module in authorize section we can
intuitivly imagine that they do some checks about user data.
For insta
Hello list, Im using freeradius-1.1.2 whit ms-sql. I'm having serius
problems with return-codes on reject messages. All was working fine with
previus version of freeradius. I was reading something about that is not
allowed return-codes on reject, but I think it is wrong because most of
return-c
Is there a way to parse the input of a username and password before
it is passed to the back end database? I'm doing mac address
authentication and some devices are passing the mac address with
dashes, where I need to have no separation between the octets. I
basically need to strip out th
Michael Lecuyer wrote:
> You can send a Disconnect-Message from the RADIUS server to the client
> to disconnect them if the NAS supports DM/COA. The DM will cause the NAS
> to drop the connection effectively disconnecting them from any services
> they were using.
Yesin other words
>> Chec
I've been trying to set up FR in a realm-based configuration using
only LOCAL realms that are passed to different MySQL tables via
different instances. This setup, like several previous questions
posted to this list for similar setups, requires conditional
branching. The solution as suggested
Alright, I'm going to step back and talk conceptually. The issue is that
the laptops use a combination of LDAP and Kerberos to authenticate to
the Domain Controllers. (OpenLDAP and a Kerberos KDC.) to authorize and
authenticate Humans. So you get a Chicken/Egg issue. You can't
authenticate Humans u
Alan DeKok napisaĆ(a):
tzieleniewski wrote:
I am using mysql module as the authorization module and I get the following warning:
!!!
!!!Replacing User-Password in config items with Cleartext-Password.
You can send a Disconnect-Message from the RADIUS server to the client
to disconnect them if the NAS supports DM/COA. The DM will cause the NAS
to drop the connection effectively disconnecting them from any services
they were using.
Dennis Skinner wrote:
satish patel wrote:
I
satish patel wrote:
> I have useing freeradius with microsoft mssql now my
> question is how do i disconnect user from freeradius means example:-
> user xyz is online and i want to disconnect user from radius so what is
> the option for this task ?? is there any script or any option
yao guoxian wrote:
> input command:./bin/mysql -u root
> output results:Welcome to the MySQL monitor. Commands end with ; or \g.
> Your MySQL connection id is 2 to server version: 5.0.20-standard-log
*sigh*
You installed MySQL but did none of the security things that it probably
told you
tzieleniewski wrote:
> I am using mysql module as the authorization module and I get the following
> warning:
> !!!
> !!!Replacing User-Password in config items with Cleartext-Password.
> !!!
> !!!
Hi!
I am using mysql module as the authorization module and I get the following
warning:
!!!
!!!Replacing User-Password in config items with Cleartext-Password. !!!
I have a small accounting problem with freeradius and dialup admin which
I can't find a way to solve it.
I've set freeradius to authenticate EAP-TLS, I want to log people who
failed to authenticate to mysql with rlm_sql, which will show in dialup
admin failed login page.
I put in radiusd.con post
Dear all,
does the rlm_otp module also support time based otps without challange
response ?
background:
actualy i have a cell phone that generates a time based otp.
now i want to do the authentication process with the help of the rlm_opt
module.
is it possible or do i have to write my own too
Dear ALL
I have useing freeradius with microsoft mssql now my question
is how do i disconnect user from freeradius means example:- user xyz is online
and i want to disconnect user from radius so what is the option for this task
?? is there any script or any option to integrate w
Richard Hesse wrote:
Nevermind I found the problem. There's a limitation in
ldap_groupcmp() such that only the last LDAP module instantiated is
actually checked -- ignoring whatever you specify. I found this info
from
http://lists.cistron.nl/pipermail/freeradius-users/2004-June/033220.html.
T
Richard Hesse wrote:
>
> Yes, that's what I ended up doing. However, I lose the ability
> to do load-balance and redunancy constructs.
Why?
> rlm_ldap indicates
> that I can list multiple LDAP servers for the host in
> radius.conf. How exactly does that work compared to redundancy
> or load-bal
> In any case, if you carefully read the text you quoted, you'll see a
> solution that doesn't require patches: List ALL ldap modules in the
>"instantiate" section, and list "ldap_enable" last.
> Alan DeKok.
Yes, that's what I ended up doing. However, I lose the ability to do
load-balance and r
20 matches
Mail list logo