ldap machine account auth tutorial

2010-02-01 Thread cd
hello I'm looking for a tutorial to authenticate XP machine accounts (ldap backend) on boot with freeradius here a computer LDAP entry dn: uid=pc-42ee2079$,ou=computer,ou=ressources,ou=test,o=coin,c=fr objectClass: top objectClass: account objectClass: posixAccount objectClass:

Re: ldap machine account auth tutorial

2010-02-01 Thread Phil Mayers
On 01/02/10 12:46, cd wrote: hello I'm looking for a tutorial to authenticate XP machine accounts (ldap backend) on boot with freeradius here a computer LDAP entry dn: uid=pc-42ee2079$,ou=computer,ou=ressources,ou=test,o=coin,c=fr objectClass: top objectClass: account objectClass:

freeradius install error

2010-02-01 Thread hongjianli . nudt
I want to set up an AAA server with freeradius, but when I finished the install, and run radiusd -X, error is } Ignoring EAP-Type/tls because we do not have OpenSSL support. Ignoring EAP-Type/ttls because we do not have OpenSSL support. Ignoring EAP-Type/peap because we do not have OpenSSL

dictionary per nas

2010-02-01 Thread Marcus Kipp
Hi @all, I want to replace our old CiscoSecure Radius-Server with a new version of FreeRadius (2.1.8). I've checked several things but one thing I miss on FreeRadius: On CiscoSecure it was possible to bind a NAS to a dedicated dictionary. I need this feature now on the FreeRadius I need that

Re: dictionary per nas

2010-02-01 Thread Alan Buxey
Hi, I want to replace our old CiscoSecure Radius-Server with a new version of FreeRadius (2.1.8). good move :-) I've checked several things but one thing I miss on FreeRadius: On CiscoSecure it was possible to bind a NAS to a dedicated dictionary. I need this feature now on the

Re: Allowing Access via 'users' when LDAP fails

2010-02-01 Thread Amaru Netapshaak
From: Alan Buxey a.l.m.bu...@lboro.ac.uk To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Sun, January 31, 2010 12:16:17 PM Subject: Re: Allowing Access via 'users' when LDAP fails Hi, what switches? with Cisco you can use

Re: Allowing Access via 'users' when LDAP fails

2010-02-01 Thread Amaru Netapshaak
From: Fajar A. Nugraha fa...@fajar.net To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Sun, January 31, 2010 11:43:20 AM Subject: Re: Allowing Access via 'users' when LDAP fails On Sun, Jan 31, 2010 at 10:16 PM, Amaru Netapshaak

Re: Allowing Access via 'users' when LDAP fails

2010-02-01 Thread Alan Buxey
Hi, I'm using Cisco 3560G switches. If a client currently doesn't send EAPOL packets to the switch, the 'guest vlan' works perfectly. However, my clients ARE dot1x capable, and DO send EAPOL packets to the switch and that makes the switchport stay unavailable for too long while the switch

Re: freeradius install error

2010-02-01 Thread John Dennis
On 02/01/2010 09:13 AM, hongjianli.n...@gmail.com wrote: I want to set up an AAA server with freeradius, but when I finished the install, and run radiusd -X, error is } Ignoring EAP-Type/tls because we do not have OpenSSL support. Ignoring EAP-Type/ttls because we do not have OpenSSL support.

Re: Allowing Access via 'users' when LDAP fails

2010-02-01 Thread Amaru Netapshaak
From: Alan Buxey a.l.m.bu...@lboro.ac.uk To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Mon, February 1, 2010 9:51:42 AM Subject: Re: Allowing Access via 'users' when LDAP fails Hi, I'm using Cisco 3560G switches. If a client

Re: freeradius install error

2010-02-01 Thread Alan DeKok
hongjianli.n...@gmail.com wrote: I want to set up an AAA server with freeradius, but when I finished the install, and run radiusd -X, error is } Ignoring EAP-Type/tls because we do not have OpenSSL support. If you've installed a Debian package, read the Wiki for how to install a debian

Re: ldap machine account auth tutorial

2010-02-01 Thread Phil Mayers
On 01/02/10 16:04, cd wrote: thanks Phil but it looks like I get an access-accept without ldap password validation ??! Please don't email me directly; I'm on the list. rad_recv: Access-Request packet from host 192.168.10.254 port 1024, id=151, length=136 NAS-IP-Address =

Re: ldap machine account auth tutorial

2010-02-01 Thread Christophe Deze
Excuse me, I didn't want to email you directly. I run 2 LDAP modules because I would like to put machines in the right VLAN after authentication. That's my next problem ;) I work on it ... but I don't know how to begin :p On 01/02/2010 17:34, Phil Mayers wrote: On 01/02/10 16:04, cd wrote:

Auth-Type LDAP and testing for if(reject)

2010-02-01 Thread Harry Hoffman
Hi, So, I'm trying to get multiple sources of authentication (i.e. LDAP and Active Directory via ntlm_auth) working from a Cisco ASA to freeradius-2.x. The username and password come over in clear text. The Auth-Type is being set to LDAP and works with ldap. If I switch from ldap to

Re: Allowing Access via 'users' when LDAP fails

2010-02-01 Thread schilling
Between the Mac Authentication Bypass and 802.1x, how do you force the port to reauthenticate? Schilling On Mon, Feb 1, 2010 at 11:12 AM, Amaru Netapshaak postfix_am...@yahoo.com wrote: From: Alan Buxey a.l.m.bu...@lboro.ac.uk To: FreeRadius users mailing

RE: STILL Trying to get tunneling to work- resolved, and a question

2010-02-01 Thread Mike Bernhardt
It doesn't work referred to the original question I posted with the same subject a few weeks ago. At that time I provided debug output. I tried this configuration with 2.1.7 and 2.1.8 but it didn't work in that the request never left freeradius for the downstream server. After I installed 2.1.4,

Re: Auth-Type LDAP and testing for if(reject)

2010-02-01 Thread Alan Buxey
Hi, I've tried doing the following to have a continue on fail authenticate{ ... Auth-Type LDAP{ ldap if(reject){ ntlm_auth } } try...something like Auth-Type LDAP { group { ldap{ reject

Difficulties with rlm_perl specifically sending mail

2010-02-01 Thread David Buckley
Greetings from New Zealand I have a two factor auth system built using rlm_perl, which is all working fine but for one problem. I have a function that sends emails for sending one-time passwords via SMS which works perfectly when FR is run as radiusd -X, but doesn't work when FR started as a

Re: STILL Trying to get tunneling to work- resolved, and a question

2010-02-01 Thread Alan DeKok
Mike Bernhardt wrote: It doesn't work referred to the original question I posted with the same subject a few weeks ago. At that time I provided debug output. Ah... that's the failed creating proxy socket issue. Weird. I tried this configuration with 2.1.7 and 2.1.8 but it didn't work in

Re: Allowing Access via 'users' when LDAP fails

2010-02-01 Thread Fajar A. Nugraha
On Mon, Feb 1, 2010 at 10:50 PM, Amaru Netapshaak postfix_am...@yahoo.com wrote: Anyway, if you still need accept all, Alan's example should work. Put something like this on authorize section ldap if (notfound) { update control {

Re: Auth-Type LDAP and testing for if(reject)

2010-02-01 Thread Harry Hoffman
Alan, Thanks so much!!! It was indeed the group{} that I was missing. I really appreciate your help, all is working now. Cheers, Harry Alan Buxey wrote: Hi, I've tried doing the following to have a continue on fail authenticate{ ... Auth-Type LDAP{ ldap if(reject){