Nelson Vale wrote:
> The user's DN is OK now (no extra characters), but the ldap
> authentication still doesn't work. I think the problem is that double
> quotes must be escaped before sent to AD.
OK.
> In my fix in rlm_ldap (test purpose only), I did just that before
> assigning the vp_user_dn
Spacelee wrote:
> I set the value to 3600, but it says
> [sql] expand: SELECT id, username, attribute, value, op
> FROM radcheck WHERE username = '%{SQL-User-Name}'
> ORDER BY id -> SELECT id, username, attribute, value, op FROM
> radcheck WHERE
Mindaugas Riauba wrote:
> How to define some conditions in users/acct_users file when to use
> our module? It is quite heavy and we'd like to avoid its execution in
> as many cases as possible.
See "man unlang"
> I tried such configuration in users. Idea comes from
> http://freeradius.org/r
Stefan A. wrote:
> I want to send RADIUS Accounting Messages to another RADIUS Server,
> depending on some contents of a Packet.
>
> 'a Packet' in this context might be an Access or an Accounting Packet.
The Access-Request && Accounting-Request packets are handled
independently. If you want to
Génaël VALET wrote:
> I use LDAP groups for EAP-PEAP Authentication in wifi WPA context. For now,
> I used a DEFAULT line in "users" file like this :
>
> DEFAULT ldap_1x-Ldap-Group != "radius" , Auth-Type := Reject
> Reply-Message = "ACCES REFUSE"
>
> I have a LDAP Group named "radius" bu
I set the value to 3600, but it says
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id
-> SELECT id, username, attribute, value, op FROM
radcheck WHERE username = 'test'
Hello,
I want to remove some attribute from my access-accept messages
regardless the value of this attribute.
I tough I could use the "!*" but the wiki says it's not usable as a
reply item. Further more "!*" is not present in unlang(5) if I try to
use it freeradius says config file have a syntax e
On 06/11/2010 05:56 AM, Riccardo Veraldi wrote:
Hello,
when using EAP-TLS I would like to check the DN of hte user certificate
and in particulare
I need to check the Locality (L) string to matcha particular string.
Is it possible in some way ?
My recollection is that the certificate validatio
Hi,
I want to send RADIUS Accounting Messages to another RADIUS Server,
depending on some contents of a Packet.
'a Packet' in this context might be an Access or an Accounting Packet.
The intended Flow:
Packet comes in ...
- for Access type, check if user might be authenticated
- if OK, try to
On Thu, Jun 10, 2010 at 4:55 PM, Alan DeKok wrote:
>
>
> Delete "unix" from raddb/sites-enabled/default, section "authorize"
>
> Alan DeKok.
>
To make sure all tests/changes I had made were gone I restarted from the
original conf files and did exactly this. It now works as expected, but of
c
On Fri, 2010-06-11 at 13:34 +0200, Alan DeKok wrote:
> John Horne wrote:
> > Hello,
> >
> > We are running Freeradius 2.1.7 (on CentOS 5 - freeradius2-2.1.7-7.el5),
> > and are seeing many of these messages in our log files:
> >
> > Fri Jun 11 11:44:19 2010 : Error: Failed binding to proxy addr
On Fri, 2010-06-11 at 15:28 +0300, Mindaugas Riauba wrote:
> Hello,
>
> >> We are running Freeradius 2.1.7 (on CentOS 5 - freeradius2-2.1.7-7.el5),
> >> and are seeing many of these messages in our log files:
> >
> > Changelog from 2.1.8:
> >
> >* Proxying large numbers of packets no long
Hello,
>> We are running Freeradius 2.1.7 (on CentOS 5 - freeradius2-2.1.7-7.el5),
>> and are seeing many of these messages in our log files:
>
> Changelog from 2.1.8:
>
> * Proxying large numbers of packets no longer gives error
> "unable to open proxy socket".
I already ope
Josip Rodin wrote:
> In the meantime I've done some work fixing the Wiki. I invite everyone
> watching to have a look, it's now... no longer stuck in 2007. :)
It looks quite a bit better, thanks.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
John Horne wrote:
> Hello,
>
> We are running Freeradius 2.1.7 (on CentOS 5 - freeradius2-2.1.7-7.el5),
> and are seeing many of these messages in our log files:
>
> Fri Jun 11 11:44:19 2010 : Error: Failed binding to proxy address *
> port 1815: Address already in use
>
> The server is alre
On Fri 11 Jun 2010, Ramm-Ericson, Johannes wrote:
> Hi,
>
> Peter Nixon wrote:
> >Hi Johannes
> >
> >Please feel free to take the lead. While you may of course use the RST
> >viewer built into github, its better if you install Sphinx
> >(http://sphinx.pocoo.org/) as you will then be able to "build
Hello,
We are running Freeradius 2.1.7 (on CentOS 5 - freeradius2-2.1.7-7.el5),
and are seeing many of these messages in our log files:
Fri Jun 11 11:44:19 2010 : Error: Failed binding to proxy address *
port 1815: Address already in use
The server is already running and so would already be
Hello,
when using EAP-TLS I would like to check the DN of hte user certificate
and in particulare
I need to check the Locality (L) string to matcha particular string.
Is it possible in some way ?
thanks
Rick
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Josip Rodin wrote:
> The Change of Authorization code hasn't really found its place, it looks
> a bit like a hack.
It's a hack.
> Maybe it's the WITH_COA defines that make it look so.
> But more generally, after reading through the proxy code, I see it as a
> something of an unadjusted citizen
>How could it be, when it passes the same information in both cases (the
>only difference is the username/password)? Is it possible that the switch
>interprets the reply differently for dot1x and mab authentication?
>I know it's rather Cisco related issue than RADIUS, but maybe someone
>experienced
20 matches
Mail list logo