On 20/01/2010 23:36, Arran Cudbard-Bell wrote:
On 1/17/2010 8:37 AM, Alexander Clouter wrote:
James J J Hooperjjj.hoo...@bristol.ac.uk wrote:
In order to also return e.g. VLAN IDs (that could be computed from the
inner User-Name in a non-session-resumption enabled config), I can move
the
Hi,
I have installed Freeradius 2.0 along with mysql 5 and dialup_admin. I am
having trouble with session-timeout ,expiration. On dialup_admin i have correct
information for both attributes like user can login for 0 seconds and similarly
for expiration like account expired. But users can still
James J J Hooper jjj.hoo...@bristol.ac.uk wrote:
How did you get around the my policy rejects you now, but i've already
sent a tunneled success TLV in the TLS tunnel and you're now ignoring my
EAP-Failure messages issue... or are you just happily ignoring it/
encouraging adoption of TTLS-PAP
--On Thursday, January 21, 2010 10:05:36 AM + Alexander Clouter
a...@digriz.org.uk wrote:
James J J Hooper jjj.hoo...@bristol.ac.uk wrote:
How did you get around the my policy rejects you now, but i've already
sent a tunneled success TLV in the TLS tunnel and you're now ignoring my
Hi again,
Should The Framed Ip ( assigned to the user, framed IP) be in the
main_pool in this case?
Tevfik Ceydeliler wrote:
Hi Alain,
According your suggestion I delete Packet-Type == Access-Request -I
wrote down to config according to SecOvid manual-,
shrug The manual is wrong.
%m%d
- /var/log/freeradius/radacct/10.65.8.100/detail-20100121
[detail] /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands
to /var/log/freeradius/radacct/10.65.8.100/detail-20100121
expand: %t - Thu Jan 21 13:39:39 2010
++[detail] returns ok
++[chap] returns noop
Thu, 21 Jan 2010 10:02:48 +0700 EasyHorpak.com wrote:
An HTML attachment was scrubbed...
URL:
https://lists.freeradius.org/pipermail/freeradius-users/attachments/2010012
1/98ccb1d7/attachment.html
Thanks so much EasyHorpak, it works now perfectly!
LUIZ GUSTAVO DE VILLA SCANDELARI
Skype:
Luiz Gustavo de Villa Scandelari wrote:
Thu, 21 Jan 2010 10:02:48 +0700 EasyHorpak.com wrote:
An HTML attachment was scrubbed...
URL:
https://lists.freeradius.org/pipermail/freeradius-users/attachments/2010012
1/98ccb1d7/attachment.html
Thanks so much EasyHorpak, it works
hello
I have 2 samba domains (with ldap backend)
Machine accounts are stored in ldap.
I want to assign VLAN according to ldap server
machine$ stored in ldap_server_1 must go in VLAN1
machine$ stored in ldap_server_2 must go in VLAN2
what is the method to assign VLAN on XP boot ?
-
List
Did the recent upgrade of freeradius2 add a ntlm_auth module?
I'm now seeing
Exec-Program output: Exec-Program: FAILED to execute
/path/to/ntlm_auth: No such file or directory
Exec-Program-Wait: plaintext: Exec-Program: FAILED to execute
/path/to/ntlm_auth: No such file or directory
On 01/21/2010 02:31 PM, freerad...@corwyn.net wrote:
Did the recent upgrade of freeradius2 add a ntlm_auth module?
Yes, 2.1.8 added ntlm_auth.
Unfortunately doc/ChangeLog omitted this.
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-
List
I think that breaks most of the current instructions out there, since
the module seems to win out over what I have defined in radiusd.conf.
Heck, it breaks my 2.1.7 ones, and the wiki
If I just remove the exec from radiusd.conf ( and confiure the new
ntlm_auth module) everything should
Guys,
I'm experiencing a strange problem. I use FreeRadius to control cmd line
access to my routers and switches and I've configured FreeRadius to use a
MySQL back-end and thus far it works fine except for one condition. If i
supply a blank password when authenticating, FreeRadius allows the
Hi,
If I just remove the exec from radiusd.conf ( and confiure the new
ntlm_auth module) everything should be ok?
you should avoid just lurching your old configs across to new versions.
best to start witha clean slate and then edit/add your logic as required
(i've found that by keeping the
At 04:49 PM 1/21/2010, Alan Buxey wrote:
you should avoid just lurching your old configs across to new versions.
best to start witha clean slate and then edit/add your logic as required
Perhaps. But having to rebuild everything to go from 2.1.7 to 2.1.8
is excessive.
Rick
-
List
Hi,
users: Matched entry DEFAULT at line 204
++[files] returns ok
whats on line 204 or your users file? the reason why I ask is because..
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type Accept
rad_check_password:
Line 204 in my users file is the following:
DEFAULT Auth-Type := Reject
My MySQL databse also stores huntgroup information for the FreeRadius
server. I want to reject authentication by default on all my nas devices
unless the usergroup which the user belongs to is allowed to access that
On Thu, Jan 21, 2010 at 1:48 AM, Alan DeKok al...@deployingradius.comwrote:
If you're not going to bother reading the messages here, I don't see
why you're asking questions.
I thought the golden rule around here was Don't Touch the Conf's, it should
just work. Using that information, I
Satyam Mathura satz...@gmail.com writes:
Line 204 in my users file is the following:
DEFAULT Auth-Type := Reject
You don't want that. It removes the server's ability to figure it out
by itself.
my radgroupcheck config:
++--++++
|
The reason i had those configs was because they were outlined as steps to
reject authentication by default in the guide i was using.
http://wiki.freeradius.org/SQL_Huntgroup_HOWTO
Note: If you want to reject authentication by default then edit the
raddb/users file and add this:
DEFAULT
Quick update.
Although the radius server no longer accepts blank passwords, i now have a
problem where users who belong to groups which are not allowed to access nas
devices in certain huntgroups can now do so.
Any ideas?
On Thu, Jan 21, 2010 at 7:14 PM, Satyam Mathura satz...@gmail.com wrote:
Ok so I sent that last email off a little too prematurely, Some how in my
various remakings of my certs, I ended up with no xpextensions Don't
have time to test it now as I have to give the network back soon. Will
report later.
~Huckle Berry
-
List info/subscribe/unsubscribe? See
22 matches
Mail list logo