Hi,
I have followed the steps specified in http://wiki.freeradius.org/WPA_HOWTO
and created the certificates. Now my client requires a .cer file.
But I find only .p12, .pem and
.der files.
Should I rename the .der file as .cer file and use it on the client.
Or do I have to generate it separately.
Hi,
I have followed the steps specified in http://wiki.freeradius.org/WPA_HOWTO
and created the certificates. Now my client requires a .cer file.
But I find only .p12 and .der files.
Should I rename the .der file as .cer file and use it on the client.
Or do I have to generate it separately.
Regar
Andreas Moroder wrote:
> According to radiusd.conf
>
> #Note that NT-Passwords MUST be stored as a 32-digit hex
> # string, and MUST start off with "0x", such as:
In 1.1.7, that's no longer necessary. The "pap" module will take care
of fixing any issues with NT-Password. But it *must* be lis
Raghavendra. S wrote:
> I was able to get authenticated using radius server for
> EAP-TTLS/EAP-MD5, by having following configuration
...
> Modified users file as below
>
> raghu User-Password == "whatever"
Use Clear-text-Pas
Hi All,
I was able to get authenticated using radius server for
EAP-TTLS/EAP-MD5, by having following configuration
Modified eap.conf
-
eap {
default_eap_type=ttls
.
ttls {
default_eap_type=md5
.
FreeRADIUS is not only the #1 RADIUS server in the world, it's now
also leading the technical side of defining RADIUS. This document has
been in progress for over 3 years, and I know I'm happy that it has
finally been released.
Everyone implementing RADIUS from now on *must* read this documen
From:
[EMAIL PROTECTED]
g
[mailto:[EMAIL PROTECTED]
adius.org] On Behalf Of Hangjun He
Sent: Monday, 17 December 2007 18:32
To: FreeRadius users mailing list
Subject: Can I get group-name from Active-directory?
FreeRADIUS 1.1.6 + samba-tools + active-directory.
Can I get user's
Hi Frank,
Ranner, Frank MR wrote:
Oracle doesn't seem to do bit shift. You can multiply by 2^32 instead.
AcctInputOctets = '%{%{Acct-Input-Gigawords}:-0}' * 4294967296 +
'%{%{Acct-Input-Octets}:-0}'
Oracle supports up to 38 digit numbers.
Thanks so much for that suggestion, I will give it
Stuart Kendrick wrote:
> hi,
>
> fyi: i think there are syntax errors in the new FREERADIUS MIBS.
> regrettably, i'm not smart enough to know how fix these myself ...
Fixed, thanks. I don't know much about SNMP, but I can change text
until it stops complaining.
Alan DeKok.
-
List info/sub
Hi Phil,
Please let me know if you need more info. I am
still
stuck with the problem.
Thanks and Regards,
Eric.
--- Phil Mayers <[EMAIL PROTECTED]> wrote:
> >
> > rlm_ldap: user test1 authorized to use remote
> access
> > rlm_ldap: ldap_release_conn: Release Id: 0
> > modcall[authorize]: m
rhel5 x86-64 2.6.18-8.1.6.el5
freeradius 1.1.6 ntlm authentication to windows AD server.
Dec 16 15:50:13 ion winbindd[18013]: rpc_api_pipe: Remote machine
activedirectoryserver.clarku.edu pipe \NETLOGON fnum 0xc003returned
critical error. Error was Call timed out: server did not respond after
hi,
fyi: i think there are syntax errors in the new FREERADIUS MIBS. regrettably,
i'm not smart enough to know how fix these myself ...
guru> snmptranslate
Did not find 'gnomeProducts' in module FREERADIUS-SMI (/opt/vdops/share/snmp/mib
s/Freeradius/FREERADIUS-PRODUCT-RADIUSD-MIB.txt)
Unlink
Hello,
we would like to activate PEAP authentication with openLDAP.
According to radiusd.conf
#Note that NT-Passwords MUST be stored as a 32-digit hex
# string, and MUST start off with "0x", such as:
#
# 0x000102030405060708090a0b0c0d0e0f
#
# Without the leading "0x", NT-Passwords will
No passworrd for that user was found in Ldap or anywhere else in step 1.
The fact that there is a password in the request is irrelevant. Server
won't go back to Ldap in step 2 - no point, it looked in Ldap and there
was no password.
Ivan Kalik
Kalik Informatika ISP
Dana 17/12/2007, "Martin Pauly
On Saturday 15 December 2007 08:38, Alan DeKok wrote:
> No. The problem is the WARNING message just before that. You haven't
> told the server what the "known good" password is, so the server has NO
> WAY to authenticate the user.
I tested with radtest, as before. All of my real-world access-re
Alan DeKok a écrit :
Thanks for your answers.
[EMAIL PROTECTED] wrote:
Hello,
The problem is when a computer tries to authenticate, the User-Name sent
is "host//computername/", but in ldap we have entrie like
/computername/$. So we have some attr_rewrite that removes host/ and
adds the doll
16 matches
Mail list logo