Compare attrs entries with users file entries. Then read what do
operators := and += do.
I've read man unlang and I correct my configuration, and I finally
succeed to do what I want but not as I thought.
I just notice the following :
In users file you can do
Attribute_A = foo
I'm sure these are questions that have been asked a thousand times, but
can't for the life of me find the answers I'm looking for.
My first problem is this: I want to store reply attributes for my users
in a MySQL database, however I want them to authenticate against an LDAP
server. No
Can we request for specific fields such as MAC address in the radius
Access-Request packet?
No. But read your NAS documentation - if it can be done it will be there.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
**Thanks you so much.
On Wed, Apr 8, 2009 at 11:54 PM, Russell Tester
russ...@serverworks.co.nzwrote:
That's also a tad incorrect as 6 Gagawords is more like 24GB.
You may also find this snippet from my dictionary.mikrotik useful:
ATTRIBUTE Mikrotik-Recv-Limit-Gigawords 14
Hello ,
I am trying to use freeradius1.1.7 with ldap . Now when i try to
authenticate user from localhost , it works but when i try from laptop it
does not work . . it shows User-Password attribute required .. I tried to
remove AUTH TYPE = LDAP as alan suggested but i am not
things work .. it
Justin Steward wrote:
My first problem is this: I want to store reply attributes for my users
in a MySQL database, however I want them to authenticate against an LDAP
server. No problem, I sort of have this working. Except the reply
attributes get sent even on an Access-Reject packet. This
I am trying to use freeradius1.1.7 with ldap . Now when i try to
authenticate user from localhost , it works but when i try from laptop it
does not work . . it shows User-Password attribute required .. I
tried to remove AUTH TYPE = LDAP as alan suggested but i am not
things work .. it
On Thu, 9 Apr 2009 07:37:38 +0100, Ivan Kalik t...@kalik.net wrote:
Compare attrs entries with users file entries. Then read what do
operators := and += do.
I've read man unlang and I correct my configuration, and I finally
succeed to do what I want but not as I thought.
I just
Right. Its better to give crackers less information versus more. so
others do not get login credentials. Though, if certificates were
properly implemented, there would be mutual authentication
On Tue, Apr 7, 2009 at 8:12 AM, Arran Cudbard-Bell
a.cudbard-b...@sussex.ac.uk wrote:
-BEGIN PGP
I'm aware of an attack on a bank which had implemented EAP, and had
fun when a Pen tester was simply getting domain login credentials
without having to work much at all.
Could you maybe provide a rebuttal for this attack? and/or explain how
to make it especially secure?
On Tue, Apr 7, 2009 at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Bartell wrote:
Right. Its better to give crackers less information versus more.
so others do not get login credentials. Though, if certificates
were properly implemented, there would be mutual authentication
Exactly. The only attacks I know
Arran Cudbard-Bell a.cudbard-b...@sussex.ac.uk wrote:
Paul Bartell wrote:
Right. Its better to give crackers less information versus more.
so others do not get login credentials. Though, if certificates
were properly implemented, there would be mutual authentication
Exactly. The only
Paul Bartell wrote:
I'm aware of an attack on a bank which had implemented EAP, and had
fun when a Pen tester was simply getting domain login credentials
without having to work much at all.
Could you maybe provide a rebuttal for this attack? and/or explain how
to make it especially secure?
Paul Bartell paul.bart...@gmail.com wrote:
I'm aware of an attack on a bank which had implemented EAP, and had
fun when a Pen tester was simply getting domain login credentials
without having to work much at all.
Could you maybe provide a rebuttal for this attack? and/or explain how
to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alexander Clouter wrote:
Arran Cudbard-Bell a.cudbard-b...@sussex.ac.uk wrote:
Paul Bartell wrote:
Right. Its better to give crackers less information versus
more. so others do not get login credentials. Though, if
certificates were properly
On Thu, Apr 9, 2009 at 10:27 PM, Alan DeKok al...@deployingradius.comwrote:
$ man unlang
...
ldap
if (fail) {
sql
}
...
Hi Alan,
Thanks for the reply. Since SQL modules can't go in authenticate, this would
have to be in authorize,
Hi,
How can find the -devel packages?
I download the free-radius from
ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-2.1.4.tar.gz
and use the command
./configure --with-experimental modules
make
make install
Also, I don't use RPM here, just build it from source.
Leo
John
17 matches
Mail list logo