Fads Afds wrote:
> I tried to get the error-message of inner-tunnel by running sql query in
> "Post-Auth-Type Reject {} of default. The message field in radpostauth table
> is empty. The query seems cannot access %{inner.control:My-Err-Message}
> attribute.
> My question is: Can sql in
Madsen.Jan JMD wrote:
> My specific configuration to get this working looks like this
>
> Passwd module file
>
> filename = /etc/tac-plus/passwd
Hmm... there's more to it than that. What did you name the module?
> The debug output look like this when I try to do an authentication u
So I need to change the passwd file name ?
Now using : /etc/freeradius/modules/passwd
or do I need to do somehting like this in the passwd file
Passwd-name {
filename = /etc/tac-plus/passwd
format = "*User-Name:Password"
hashsize = 0
delimiter = :
authtype
Madsen.Jan JMD wrote:
> So I need to change the passwd file name ?
> Now using : /etc/freeradius/modules/passwd
>
> or do I need to do somehting like this in the passwd file
>
> Passwd-name {
Something like that. See the "smbpasswd" file for an example of what
you need to do.
Alan DeKok.
-
Abraham Varricatt wrote:
> I just flashed a linksys with dd-wrt and now I'm trying to setup a
> freeradius server on a Fedora system. For the life of me, I can't figure
> out what to do next on the system. I've installed freeradius by running
> - "sudo yum install freeradius" on my Fedora, but what
Okay Alan
I did like this now
More /etc/freeradius/modules/passwd
passwd kmdov3 {
filename = /etc/tac-plus/passwd
format = "*User-Name:Password:"
hashsize = 0
delimiter = :
authtype = pap
}
This looks very mutch like the smbpasswd file
passwd smbpasswd
Well,
I'm installing this to measure the bandwidth used by different clients on my
network. I understand that it can be done from the web interface of
"dialupadmin". So, what I need some help is how to setup the web-interface
of diaupadmin.
As far as documentation goes, I found this - http://free
On Fri, Jul 9, 2010 at 2:03 PM, Abraham Varricatt
wrote:
> Well,
>
> I'm installing this to measure the bandwidth used by different clients on my
> network. I understand that it can be done from the web interface of
> "dialupadmin". So, what I need some help is how to setup the web-interface
> of
Hi all!
I've just upgraded from 1.1.6 to 2.1.9. On the old server I'm used
Start/Stop and Interim-Update in acct_users file to execute some script
in this way:
DEFAULT Acct-Status-Type == Start
Exec-Program = "/usr/local/etc/raddb/aaa_pdsn.sh"
DEFAULT Acct-Status-Type == Interim-Updat
>> I've got freeradius running in one terminal window in debug mode with
>> "radiusd -X" , but I can't find where the "radtest" is installed. Any
>> suggestions?
I got it working. Turns out, "radtest" is part of the freeradius
utilites and I needed to install it separately. So, running ,
yum inst
Hi,
You can add NT / LM pairs to each LDAP user object. You must include the
samba.schema into the ldap server schemas.
Ex:
sambaNTPassword: CAF13D4F321E608B27FD75D2549BA53C
sambaLMPassword: 02D093CE93038E2FAAD3B435B51404EE
You can create these passwords using smbencrypt tool (deployed with sa
Abraham Varricatt wrote:
> I'm installing this to measure the bandwidth used by different clients
> on my network.
Are the clients being authenticated via RADIUS?
Does the switch send that information in an accounting packet?
> I understand that it can be done from the web interface
> of "di
Madsen.Jan JMD wrote:
> I did like this now
> More /etc/freeradius/modules/passwd
> passwd kmdov3 {
OK.
> And still I just get a rejected login
You need to list "kmdov3" in the "authorize" section. The debug log
shows that the module is not being used... therefore the passwords are
not bein
Hi,
First: create an exec module in radiusd.conf
For exemple :
exec exe_module {
wait = yes
program = "path to your prograù"
input_pairs = request
output_pairs = reply
shell_escape = yes
output = none
Daniel Gomes wrote:
> I know this is a question which has been thoroughly asked and answered,
> but after spending several days configuring, debugging, searching the
> internet, rec-configuring, etc, I still can't get my freeradius server
> to properly authenticate users (for a pptd server).
Go
Hey there,
first of all, thanks for all the tips!
Commenting them, in the order in which they came:
@peter lambrechtsen:
I actually had tried PAP before, but I gave up then because pptpd was
refusing clients without even consulting the RADIUS server... But I
noticed (a couple of minutes ago
Hm, I've done it but now when I'm running radiusd -X it shows:
Module: Checking accounting {...} for more modules to load
/usr/local/etc/raddb/sites-enabled/default[325]: Failed to load module
"exe_module".
/usr/local/etc/raddb/sites-enabled/default[323]: Errors parsing
accounting section.
Af
Eugen Vakulenko wrote:
> Hm, I've done it but now when I'm running radiusd -X it shows:
>
> Module: Checking accounting {...} for more modules to load
> /usr/local/etc/raddb/sites-enabled/default[325]: Failed to load module
> "exe_module".
Does the debug output show that it's loading the file c
Daniel Gomes wrote:
> From the logs, and as I wrote on my initial cry for help, I could see
> that the password wasn't being found, I just couldn't puzzle out why...
> And yes, the users do have passwords on LDAP (we are using it to
> authenticate many other applications), and as I wrote down, radt
Wrong guess, i'ts OpenLDAP :)
Em 09-07-2010 13:04, Alan DeKok escreveu:
Daniel Gomes wrote:
From the logs, and as I wrote on my initial cry for help, I could see
that the password wasn't being found, I just couldn't puzzle out why...
And yes, the users do have passwords on LDAP (we are using
> -Original Message-
> From: Alan DeKok
> Sent: Thursday, July 08, 2010 10:26 AM
> Aaron Jansen wrote:
> > For a user FreeRADIUS should check the user name, password, and the
> > MAC address. The MAC address can be one of many in a list stored in
> > a database. So, this is not about a sing
Daniel Gomes wrote:
> Wrong guess, i'ts OpenLDAP :)
Then fix it so that it returns a password to FreeRADIUS.
It's an LDAP server. If it doesn't return a password when an LDAP
client queries it for a password, it's broken.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freer
Well, as I mentioned (a couple of times now), the LDAP server was indeed
returning a password to FreeRADIUS, since radtest was always working
fine. So the problem wasn't in the LDAP server itself, because it does
"return a password when an LDAP client queries it for a password" (as I
also menti
09.07.2010 15:03, Alan DeKok написав(ла):
Does the debug output show that it's loading the file containing the
module configuration?
I don't know exactly. As I understand it shows that it is loading
additional modules. End of debug output:
rlm_sql (sql): Driver rlm_sql_mysql (module rl
Daniel Gomes wrote:
> Well, as I mentioned (a couple of times now), the LDAP server was indeed
> returning a password to FreeRADIUS, since radtest was always working
> fine.
No, it wasn't returning a password to FreeRADIUS. Go *read* the debug
output. It will prove this.
When using PAP, the
Eugen Vakulenko wrote:
>>Where did you put the configuration?
>>
> I've added in /usr/local/etc/raddb/radiusd.conf following section near
> the end of file:
How about putting it as a *separate file* into the
raddb/modules/ directory?
That's where the module configuration files are
I have accounting and SQL set up (probably broken). I see the debug showing
it updating table radacct but the table remains empty.
r...@ubuntu:/usr/local/etc/raddb# radiusd -X
FreeRADIUS Version 2.1.10, for host i686-pc-linux-gnu, built on Jun 21 2010
at 14:47:46
Copyright (C) 1999-2009 The FreeR
Hi
I have a freeradius server and it authenticate user in users file but I want to
use Active directory.Is server must join any domain for using Active Directory
?Thanks.
_
Windows Live Ho
You should make
exec exe_module {
wait = yes
program = "/usr/local/etc/raddb/aaa_pdsn.sh"
input_pairs = request
output_pairs = reply
shell_escape = yes
output = none
}
Not
exe_module {
wait = yes
program = "/usr/local/etc/
Make sure that this line :
$INCLUDE sites-enabled/default
At the end of your radiusd.conf file
-Message d'origine-
De : freeradius-users-bounces+mamadou.toure=vipnet...@lists.freeradius.org
[mailto:freeradius-users-bounces+mamadou.toure=vipnet...@lists.freeradius.or
g] De la part de Alan
Em 09-07-2010 13:59, Alan DeKok escreveu:
Daniel Gomes wrote:
Well, as I mentioned (a couple of times now), the LDAP server was indeed
returning a password to FreeRADIUS, since radtest was always working
fine.
No, it wasn't returning a password to FreeRADIUS. Go *read* the debug
o
So, anyone have any ideas how to get the TGT to make de single sign-on that I
want?
thiago
De: John Dennis
Para: FreeRadius users mailing list
Cc: Thiago Gonzaga B. Galvão
Enviadas: Quinta-feira, 8 de Julho de 2010 10:56:42
Assunto: Re: Freeradius kerberos
On Fri, Jul 09, 2010 at 07:17:30AM -0700, Thiago Gonzaga B. Galv?o wrote:
>
>So, anyone have any ideas how to get the TGT to make de single sign-on
>that I want?
Authenticate using something that actually returns a TGT, instead of going
through RADIUS? For web pages there are already a ha
:) Thank you very much! It works.
Sorry for such questions, i'm very new in radius.
Also thanks to Toure Mamadou!
09.07.2010 16:01, Alan DeKok написав(ла):
Eugen Vakulenko wrote:
Where did you put the configuration?
I've added in /usr/local/etc/raddb/radiusd.conf following s
On 09/07/10 15:17, Thiago Gonzaga B. Galvão wrote:
So, anyone have any ideas how to get the TGT to make de single sign-on
that I want?
This is not a Radius issue and not a FreeRadius question, and doesn't
belong on this mailing list.
Google "mod_auth_kerb"
-
List info/subscribe/unsubscribe?
Daniel Gomes wrote:
>>> we are currently and successfully using it to
>>> authenticate other services).\
>>>
>>Using PAP passwords.
>
> Actually these application are probably just binding with the user's
> credentials, but that's not relevant here.
That's what I meant.
> Well,
John McDonnell wrote:
> Just a quick question, I'm planning on adding a machine_name field to the
> MAC address table in addition to the MAC addresses to make maintaining the
> list (adding and removing MAC addresses with new machines coming in and
> old ones going out) easier. Is there anything el
Em 09-07-2010 17:12, Alan DeKok escreveu:
Daniel Gomes wrote:
we are currently and successfully using it to
authenticate other services).\
Using PAP passwords.
Actually these application are probably just binding with the user's
credentials, but that's not relevan
To answer my question, the NAS was not sending any data and is now fixed and
sending accounting.
David
-Original Message-
From:
freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org
[mailto:freeradius-users-bounces+david.peterson=acc-corp@lists.freeradiu
s.org] On
On Fri, Jul 09, 2010 at 11:52:57AM +0300, Eugen Vakulenko wrote:
> I've just upgraded from 1.1.6 to 2.1.9. On the old server I'm used
> Start/Stop and Interim-Update in acct_users file to execute some script
> in this way:
>
> But when I try it on the new server it seems it doesnt work.
> exec
Are you by chance testing the FreeRADIUS ready version of Alvarion's BTS
firmware?
> -Original Message-
> From: freeradius-users-
> bounces+wiechman.lists=gmail@lists.freeradius.org
> [mailto:freeradius-users-
> bounces+wiechman.lists=gmail@lists.freeradius.org] On Behalf Of
> Davi
Yes I have FreeRadius working with the Extreme and the 4-Motion BSR.
Contact me off-list if you need any support.
David
-Original Message-
From:
freeradius-users-bounces+david.peterson=acc-corp@lists.freeradius.org
[mailto:freeradius-users-bounces+david.peterson=acc-corp@lists.fr
42 matches
Mail list logo
