build wrote:
G'day Oliver,
Thank you for that, no wonder :-(
However the build looks scary so I:
:/# patch -pl freeradius-openssl.patch
patch: strip count l is not a number
:/#
Is this easily fixed?
It's -p1, not -pl. As in one.
Alan DeKok.
-
List info/subscribe/unsubscribe?
Brian De Wolf wrote:
While looking into fixes for my previous post, I began poking at 2.0.0-pre2.
I
see that radrelay's functionality is supposed to have been merged into the
main
server, but I do not see where it has the same capability of relaying
accounting
packets to other RADIUS
Hi all!
I have users in my system who are supposed to be able to logon as much as they
want, in a
period of 24 hours starting from their 1st logon.
This requires 2 entries in radgroupcheck, right?
Based on http://wiki.freeradius.org/Rlm_sqlcounter I think both Max-All-Session
Hi,
Hi guys/gals
Any ideas why i would be getting the error below ??
Here are the sql packages i have installed
mysql++-2.2.3-1.fc5
mysql-5.0.27-1.fc5
mysql-devel-5.0.27-1.fc5
mysql-server-5.0.27-1.fc5
you dont have any of the ltdl stuff installed
libtool-ltdl-devel
libtool-ltdl
Willem Gerber wrote:
Any ideas why i would be getting the error below ??
Add $(INCLTDL) to the RLM_CFLAGS line in
src/modules/rlm_sqlippool/Makefile
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[EMAIL PROTECTED] wrote:
Hi,
Hi guys/gals
Any ideas why i would be getting the error below ??
Here are the sql packages i have installed
mysql++-2.2.3-1.fc5
mysql-5.0.27-1.fc5
mysql-devel-5.0.27-1.fc5
mysql-server-5.0.27-1.fc5
you dont have any of the ltdl stuff installed
On 21/11/2007, Alan DeKok [EMAIL PROTECTED] wrote:
build wrote:
G'day Oliver,
Thank you for that, no wonder :-(
However the build looks scary so I:
:/# patch -pl freeradius-openssl.patch
patch: strip count l is not a number
:/#
Is this easily fixed?
It's -p1, not -pl.
Stefan Kohler wrote:
Looking for header files I tried
--with-oracle-home-dir=/usr/include/oracle/11.1.0.1/client , due to the
*.h files in that directory. That does not work. Any more hints?
$ CFLAGS=-I/usr/include/oracle/11.1.0.1/client
$ export CFLAGS
$ ./configure
Alan DeKok.
-
List
Hi Alan,
A better approach is to look for something like MAC authentication
Bypass in Cisco switches. If the client doesn't do 802.1x within a
certain time, the switch sends a RADIUS request containing the MAC
address.
We have more than 200 ThinClients. I'm afraid, this would be
Evert wrote:
I have users in my system who are supposed to be able to logon as much as
they want, in a
period of 24 hours starting from their 1st logon.
...
however, a user who is a member of the 24hours group is able to log on longer
than the
24hours period:
Is the server receiving
Is gcc installed ?
Cordialement,
Patrice OLIVER
Chef du Projet Ville Hôpital
Responsable Réseaux Sécurité
HOSPICES CIVILS DE BEAUNE
Service Informatique
BP 104
21203 BEAUNE CEDEX
Tél. 33 3 80 24 44 09
Fax 33 3
Thorsten Leiser wrote:
We have more than 200 ThinClients. I'm afraid, this would be unmanagable.
If a Client dies and e.g. a fellow forgets to unregister the MAC-Address,
the MAC-Address table of the radius server would be very messy after a few
months.
Huh? What do you mean by that?
If
build wrote:
Thank you both your patience is appreciated.
The build failed?
..
sh: gcc: command not found
You do need a compiler to compile things.
dpkg-checkbuilddeps: Unmet build dependencies: debhelper (= 5)
libltdl3-dev libpam0g-dev libmysqlclient15-dev | libmysqlclient-dev
Hi,
and I have no bloody idea what to do.
or have I tested your patience to it's limit?
You should read the Debian Policy (at least the section about building
packages from src) in order to understand how building from source works
the Debian Way. :-)
Briefly:
0) configure a deb-src for
Am Mi, 21.11.2007, 11:09, schrieb Alan DeKok:
Stefan Kohler wrote:
Looking for header files I tried
--with-oracle-home-dir=/usr/include/oracle/11.1.0.1/client , due to the
*.h files in that directory. That does not work. Any more hints?
$ CFLAGS=-I/usr/include/oracle/11.1.0.1/client
$
Alan DeKok wrote:
Evert wrote:
I have users in my system who are supposed to be able to logon as much as
they want, in a
period of 24 hours starting from their 1st logon.
...
however, a user who is a member of the 24hours group is able to log on
longer than the
24hours period:
Is
Do this
1) Be root.
2) create de directory (freeradius for example)
mkdir freeradius
cd freeradius
3) Follow these instructions :
apt-get update
apt-get build-dep freeradius
apt-get source freeradius
apt-get install libssl-dev fakeroot
apt-get source freeradius
cd freeradius-1.1.x/debian/
On Wed 21 Nov 2007, Stefan Kohler wrote:
Am Mi, 21.11.2007, 10:16, schrieb Stefan Kohler:
Am Mi, 21.11.2007, 00:37, schrieb Peter Nixon:
On Tue 20 Nov 2007, Stefan Kohler wrote:
Hi users,
I have a problem compiling a RPM-package for SLES10 and I followed
the instructions on the
Stefan Kohler wrote:
Thanks for the quick response. Now, how do I configure that to happen
during the RPMbuild, as I put the whole .tar.bz2 file in the SOURCES
folder?
Edit the RPM spec file.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Wed, Nov 21, 2007 at 12:06:12PM +0100, Stefan Kohler wrote:
Thanks for the quick response. Now, how do I configure that to happen
during the RPMbuild, as I put the whole .tar.bz2 file in the SOURCES
folder?
Modify the spec file.
--
--Jos Vos [EMAIL PROTECTED]
--X/OS Experts in
Hopefully you didn't forget to set the user-group mapping in usergroup
table, right?
Regards,
Liran.
On Nov 21, 2007 1:01 PM, Evert [EMAIL PROTECTED] wrote:
Alan DeKok wrote:
Evert wrote:
I have users in my system who are supposed to be able to logon as much as
they want, in a
period
http://lists.freeradius.org/mailman/htdig/freeradius-users/2007-October/066981.html
Dana 21/11/2007, OLIVER Patrice [EMAIL PROTECTED] piše:
Hello,
I don't find the script you talk about.
What's its name ?
Regards.
Cordialement,
Patrice OLIVER
Chef du
Am Mi, 21.11.2007, 12:18, schrieb Alan DeKok:
Stefan Kohler wrote:
Thanks for the quick response. Now, how do I configure that to happen
during the RPMbuild, as I put the whole .tar.bz2 file in the SOURCES
folder?
Edit the RPM spec file.
Tried to do so, put the needed line here:
...
G'day Patrice,
It did not occur to me that gcc was a package. Installed gcc.
But:
dpkg-checkbuilddeps: Unmet build dependencies: debhelper (= 5)
libltdl3-dev libpam0g-dev libmysqlclient15-dev | libmysqlclient-dev
libgdbm-dev libldap2-dev libsasl2-dev libiodbc2-dev libkrb5-dev snmp
autotools-dev
There is indeed a record in the usergroup-table with
UserName= ofjyc5
GroupName= 24hours
;-)
Regards,
Evert
liran tal wrote:
Hopefully you didn't forget to set the user-group mapping in usergroup
table, right?
Regards,
Liran.
On Nov 21, 2007 1:01 PM, Evert [EMAIL
How about checking Alan's comment on whether your NAS
is actually sending accounting information or not?
Regards,
Liran.
On Nov 21, 2007 2:12 PM, Evert [EMAIL PROTECTED] wrote:
There is indeed a record in the usergroup-table with
UserName= ofjyc5
GroupName= 24hours
;-)
Regards,
On 21/11/2007, OLIVER Patrice [EMAIL PROTECTED] wrote:
Do this
BIG SNIP
I've printed that out, there's quite a bit.
I looked at the rules file but do not see where this goes???
quote
Modify it to get something like this :
buildssl=--without-rlm_otp --without-rlm_sql_postgresql --without-snmp
From this location I have no direct access to the NAS in question at the
moment, so that
will have to wait a bit.
But what about my comment that the user should not get a 'Login OK' but a
'Invalid user
(rlm_sqlcounter: Maximum never usage time reached)' as soon as 24 hours have
passed and he
If your NAS is not sending any accounting packets to the server on the usage
for a user how should freeradius know to increment it's counter for
the attribute?
So how about you eliminate all of the possible obvious errors by
telling us which
NAS is it (someone here might have had the same
No, that's not what you have set up. If user uses several sessions he
will be able to use up 24 hours of online time over several
days/weeks/months/years.
Your requirement: I have users in my system who are supposed to be able
to logon as much as they want, in a period of 24 hours starting from
True, it managed to confuse me, but re-reading Evert second
post All I need is that when the user tries to log in again 24
hours after 1st logon
(based on AcctStartTime) he gets a 'Maximum never usage time reached'.
- Ivan's solution is on the spot.
Though if we give this a little bit more
I've been checking radacct, and there is a record there for every 'Login OK'.
Isn't the
oldest of those used to figure out when 24 hours have passed?
IMHO the type of NAS and/or sniffing for stuff is not relevant here. It's the
RADIUS
server which keeps on giving 'Login OK' even after the
Is it possible to have multiple user files.
To make it more readable i want to split up my userfile into different
files depending on the usertype (scanners, pc's, ... )
Is this possible by just adding multiple userfile entries?
Stieven Struyf
M.I.S. Division - System Operations
Komatsu Europe
[EMAIL PROTECTED] wrote:
Is it possible to have multiple user files.
To make it more readable i want to split up my userfile into different
files depending on the usertype (scanners, pc's, ... )
Is this possible by just adding multiple userfile entries?
No.
You can have one master file
This is more a MySQL question rather than a RADIUS one, but I thought
I'd ask here first. For some reason I can't put my head around this issue.
I have NAS's in several different PoP's. Each PoP has it's own
(different) IP block.
What I want to do is modify dialupadmin's tot_stats script.
That's not how counters work. Daily counter will count usage during that
day. Next day it starts from 0. It doesn't care what happened the day
before. If you want an account to expire after a set period of time use
Expiration attribute.
Ivan Kalik
Kalik Informatika iSP
Dana 21/11/2007, Evert
Alan, I didn't find any option for the mschapv2 problem in your web page.
Unencrypt ldap passwords is not a smart solution.
It seems that windos xp client only accept mschapv2 or TLS to authenticate, if
a use TLS, I cannot use ldap because only the client certificate is used to
authenticate.
Eduardo Lima wrote:
Alan, I didn't find any option for the mschapv2 problem in your web page.
I have no idea what you mean by that. The compatibility page you were
pointed to is all that matters here:
http://deployingradius.com/documents/protocols/compatibility.html
Unencrypt ldap
Thanks,
:)
Cordialement,
Patrice OLIVER
Chef du Projet Ville Hôpital
Responsable Réseaux Sécurité
HOSPICES CIVILS DE BEAUNE
Service Informatique
BP 104
21203 BEAUNE CEDEX
Tél. 33 3 80 24 44 09
Fax 33 3 80 24 45
Hi,
Alan, I didn't find any option for the mschapv2 problem in your web page.
Unencrypt ldap passwords is not a smart solution.
It seems that windos xp client only accept mschapv2 or TLS to authenticate,
if a use TLS, I cannot use ldap because only the client certificate is used
to
G'day Patrice,
It did not occur to me that gcc was a package. Installed gcc.
But:
dpkg-checkbuilddeps: Unmet build dependencies: debhelper (= 5)
libltdl3-dev libpam0g-dev libmysqlclient15-dev | libmysqlclient-dev
libgdbm-dev libldap2-dev libsasl2-dev libiodbc2-dev libkrb5-dev snmp
I've read the faq, wiki, etc and the sample configs that come with freeradius,
but I'm a bit stuck
I want to have users use SSH to login to the server, but use radius as the
authentication method,
is this possible?
and if so, what would a sample config look like for this?
sorry, I'm a bit
I understand that part.
But I'm not talking about going to another server, I'm talking locally.
so PAM can talk to the local radius server on the server the user is connecting
to?
I still can't figure out how to configure this, which is where I really need
the help.
the dial-up/telnet examples
On Wed 21 Nov 2007, Stefan Kohler wrote:
Am Mi, 21.11.2007, 12:18, schrieb Alan DeKok:
Stefan Kohler wrote:
Thanks for the quick response. Now, how do I configure that to happen
during the RPMbuild, as I put the whole .tar.bz2 file in the SOURCES
folder?
Edit the RPM spec file.
Dan Gahlinger wrote:
I've read the faq, wiki, etc and the sample configs that come with
freeradius,
but I'm a bit stuck
I want to have users use SSH to login to the server, but use radius as
the authentication method,
is this possible?
Yes. SSH calls PAM. PAM uses the pam_radius_auth
Hi
I need more info about Expire attribute. Where I can find them (for
example where do I need to put it when I'm using mysql database, syntax,
operators etc)... I suppose radcheck table buy I don't know about
attribute format...
-
List info/subscribe/unsubscribe? See
Dan Gahlinger wrote:
I understand that part.
But I'm not talking about going to another server, I'm talking locally.
so PAM can talk to the local radius server on the server the user is
connecting to?
The pam_radius_auth module can. Just tell it that the RADIUS server
is 127.0.0.1
I
Attribute name is Expiration. It is a check item so it does go into
radcheck. I use is == as operator, but := should work as well. Format
that works for me is:
November 28 2007 20:26:43
Ivan Kalik
Kalik Informatika ISP
Dana 21/11/2007, Marinko Tarlac [EMAIL PROTECTED] piše:
Hi
I need more
On Nov 22, 2007 7:51 AM, [EMAIL PROTECTED] wrote:
Attribute name is Expiration. It is a check item so it does go into
radcheck. I use is == as operator, but := should work as well. Format
that works for me is:
November 28 2007 20:26:43
Ivan Kalik
Kalik Informatika ISP
Any suggestions on
49 matches
Mail list logo