Alexsander wrote:
> hi alan,
> enabling log_goodpass and log_badpass I took this lines:
>
> rlm_mschap: External script failed.
And right before that in the log it shows you WHAT script it's
running, and WHY it failed.
If you want to solve the problem, don't delete every piece of useful
in
hi alan,
enabling log_goodpass and log_badpass I took this lines:
rlm_mschap: External script failed.
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
modcall[authenticate]: module "mschap" returns reject for request 6
modcall: leaving group MS-CHAP (returns reject) for request 6
rlm_eap
hi alan,
when I captured log I was using "radiusd -X -A -y -z > output.log"
another thing:
I capture some pieces of output log:
radius_xlat: Running registered xlat function of module mschap for
string 'NT-Domain'
radius_xlat: '--domain=REFAP'
radius_xlat: Running registered xlat function of modu
hi,
last time i checked i'm sure its printed in full debug mode :
radiusd -X
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
tks alan!
there is some way to force log show me what parameter it has passing
to ntlm_auth bin?
On 8/17/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Hi,
> > hi joe,
> > see this:
> > s8860ru01:/etc# /usr/bin/ntlm_auth --request-nt-key --domain=REFAP
> > --username=dadfh9
> > password:
> >
Hi,
> hi joe,
> see this:
> s8860ru01:/etc# /usr/bin/ntlm_auth --request-nt-key --domain=REFAP
> --username=dadfh9
> password:
> [2007/08/17 07:35:26, 10] intl/lang_tdb.c:lang_tdb_init(138)
> lang_tdb_init: /usr/share/samba/en_US.UTF-8.msg: No such file or directory
> NT_STATUS_OK: Success (0x0)
hi joe,
see this:
s8860ru01:/etc# /usr/bin/ntlm_auth --request-nt-key --domain=REFAP
--username=dadfh9
password:
[2007/08/17 07:35:26, 10] intl/lang_tdb.c:lang_tdb_init(138)
lang_tdb_init: /usr/share/samba/en_US.UTF-8.msg: No such file or directory
NT_STATUS_OK: Success (0x0)
s8860ru01:/etc#
isn
hi,
you are using the Stripped-User-Name and/or the User-Name.
however, the method you are attempting to use goes through the
MSCHAP module...so you want to look at using mschap:User-Name
attribute. or use unlang to regexp the domain. have you also
got with_ntdomain_hack = yes ?
alan
-
List in
Guillaume Rousse wrote:
>> 1.1.7
> As stated in my initial message, I have to fix the issue without
> changing version (standard distribution bugfix policy). Meaning
> backporting fix eventually.
If you stick with 1.1.2, there's a whack of other fixes you MUST
back-port:
http://freeradius.org/s
[EMAIL PROTECTED] a écrit :
> Hi,
>> Hello.
>>
>> I'm a mandriva package maintainer, and I'm trying to solve a strange
>
> 1.1.7
As stated in my initial message, I have to fix the issue without
changing version (standard distribution bugfix policy). Meaning
backporting fix eventually.
--
Guillaum
shantanu choudhary wrote:
> well i want to use database in place of user file.
> now as i see one option is using mysql or using LDAP. Unfortunately i am
> biased towards LDAP as i have already created my database in it.
That's fine.
> and my problem starts here this radius server will come int
Hi Guys,
I'm trying to use freeradius with peap+mschapv2+ldap+realms.
If i don't use realms, everything works fine.
But the problem is that i need to stripp of the domain part of the username,
cause windows sends TEST\cfra .
But i have only cfra in my ldap .
So i di the follwing:
radius.conf:
Kevin J wrote:
> We want to reject slb health checks immediately. What is the best
> way to do that? tried to add "healthcheck Auth := Reject" but it
> still go through all authorization/authentication modules. Is there
> anyway that we can immediately reject it so we can make it lighter?
Plea
Hi,
> Hello.
>
> I'm a mandriva package maintainer, and I'm trying to solve a strange
1.1.7
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello.
I'm a mandriva package maintainer, and I'm trying to solve a strange
issue with our freeradius package. On mandriva 2007.1, the server
crashes immediatly after forking (SIGPIPE error), whereas it works OK
with -x debug flag. The same package, built on mandriva 2007.0, works OK
also.
You ha
It looks like it might be device (or even worse os version) dependant.
We use it with ME60E.
In most of the caseses it looks like just a different naming
convention. I got ours from rewriting the merit radius one.
kind regards
Pshem
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
well i want to use database in place of user file.
now as i see one option is using mysql or using LDAP. Unfortunately i am biased
towards LDAP as i have already created my database in it. Now as radiusd file
says
However, LDAP can be used for authentication ONLY when the
# Access-R
> Does the current implementation of free radius provides
> capability that these keys can be securely transfererred to
> the VPN gateway ?
No.
josh.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have this :
#
# dictionary.erx
#
# Unisphere's broadband RAS
# From Terje Krogdahl <[EMAIL PROTECTED]>
#
# Version: $Id: dictionary.erx,v 1.1 2001/04/27 15:16:35 aland Exp $
#
VENDOR HUAWEI 2011
ATTRIBUTE hw_Input_Peak_Rate 1 integer HUAWEI
ATTRIBUTE hw_I
I have this :
#
# dictionary.erx
#
# Unisphere's broadband RAS
# From Terje Krogdahl <[EMAIL PROTECTED]>
#
# Version: $Id: dictionary.erx,v 1.1 2001/04/27 15:16:35 aland Exp $
#
VENDOR HUAWEI 2011
ATTRIBUTE hw_Input_Peak_Rate 1 integer HUAWEI
ATTRIBUTE hw_I
20 matches
Mail list logo