Re: Core with 64Bit pam_radius_auth on Solaris 9

2010-09-27 Thread Peter Lambrechtsen
On Wed, Sep 22, 2010 at 10:55 PM, Alan DeKok wrote: > Peter Lambrechtsen wrote: > > This is what I get back: > > > > (gdb) run > > Starting program: /usr/local/bin/sparcv9/pamtester jpam peter > authenticate > > procfs:4337 -- process not stopped. > > procfs: ...giving up... > > (gdb) bt > > procf

Re: problem with the freeradius installation on debian

2010-09-27 Thread Alfonso Alejandro Reyes Jiménez
Hello Samuel, it is better when you send emails in English, since most people speak the language and it is not very appropriate to send emails in languages they do not understand. How are you installing the program? Regards. Alfonso. On 27/09/2010 03:59 p.m., Samuel Isaias Barriga Perez wrote: Dear all

problem with the freeradius installation on debian

2010-09-27 Thread Samuel Isaias Barriga Perez
Dear all: I am trying to configure a Radius server (Freeradius) on debian (Lenny); the problem is that when I use the command radiusd -XX the result I get is the following: radius01:~# radiusd -XX Mon Sep 27 20:49:45 2010 : Info: FreeRADIUS Version 2.1.9, for host x86_64-unknown-linux-gnu, bu

Re: Additional Restrictions for users

2010-09-27 Thread William Burnett
Alright, Glad I asked, I've been trying different variations for half an hour. I ended up just creating an if - elsif statement since I only had three static groups, but thought the regexp model would be less taxing than processing each if statement. if (Service-Type == "Login-User") {

Re: Additional Restrictions for users

2010-09-27 Thread Alexander Clouter
William Burnett wrote: > > Thanks that helped I've got the conditions to match. However I've > setup multiple groups: > > ssh-admin > ssh-read > ssh-write > > and want to use a regexp to match anything containing ssh-* to allow > those users to authenticate instead of multiple lines matching ea

Re: Additional Restrictions for users

2010-09-27 Thread Alan DeKok
William Burnett wrote: > Thanks that helped I've got the conditions to match. However I've > setup multiple groups: ... > and want to use a regexp That won't work. The current code checks for equality, not regex. > to match anything containing ssh-* to allow > those users to authenticate inst

Re: sending accounting for two home servers

2010-09-27 Thread Alan DeKok
Evgeniy Kozhuhovskiy wrote: > May be we've misunderstood each other. > But, as far I understand, you suggest such scheme: > > First, we're proxying packet to home_server1 using realm module > Second, we store packet in pre_proxy_log > Then, we read it using detail listener from another virtual ser

Re: sending accounting for two home servers

2010-09-27 Thread Evgeniy Kozhuhovskiy
>> Thnx. Already. But is it possible to do such thing without accounting >> files enabled? > What does that mean? > Not that it matters... the way to send accounting packets to two > locations is via the method I previously described. If you want to use > another method, patch the server. M

Re: Additional Restrictions for users

2010-09-27 Thread William Burnett
Alan, Thanks that helped I've got the conditions to match. However I've setup multiple groups: ssh-admin ssh-read ssh-write and want to use a regexp to match anything containing ssh-* to allow those users to authenticate instead of multiple lines matching each value. Can I use regex matching wit

Re: eap-tls certificates

2010-09-27 Thread Peter McEvoy
Hi. Thanks for your answer, unfortunately we're not using active directory or in a position to apply policies to our users computers. The wireless users will just be authenticating to a flat users file, which currently works great except for these certificate problems I have encountered with windows

Re: eap-tls certificates

2010-09-27 Thread Andras Dosztal
On Monday, 2010-09-27 at 11:55, Peter McEvoy wrote: > I'm in the process of setting up freeradius 2.1.9 on debian > lenny/sparc. I've got everything working for eap tls with the self > signed certificates that come with freeradius. This is working well > for macs and some smartphones

Stop user's time

2010-09-27 Thread ziko
Hello. I have freeradius2 on my centOS and it works fine! But now I want to add a new feature. I want to disable a user and stop his time. I am disabling the user by adding auth-type := reject but his time is not stopping. How can I stop the user's time? For example user john has 25 days and I disabled this

Re: unlang post-auth group-name

2010-09-27 Thread Phil Mayers
On 27/09/10 11:44, Cameron Wood wrote: groupname_attribute = cn groupmembership_filter = "(|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=posixGroup)(memberUid=%{control:Ldap-UserDN}))" groupmembership_attribute = radiusGroupName Attached is a debu

Re: sending accounting for two home servers

2010-09-27 Thread Alan DeKok
Evgeniy Kozhuhovskiy wrote: > Thnx. Already. But is it possible to do such thing without accounting > files enabled? What does that mean? Not that it matters... the way to send accounting packets to two locations is via the method I previously described. If you want to use another method, pa

Re: sending accounting for two home servers

2010-09-27 Thread Evgeniy Kozhuhovskiy
Thnx. Already. But is it possible to do such thing without accounting files enabled? Is it possible to send accounting packets to two home servers? Read raddb/sites-available/copy-acct-to-home-server -- Best regards, Evgeniy Kozhuhovskiy, Head of the Service Platforms Group, УИТ ЦИТС МГТС

Re: unlang post-auth group-name

2010-09-27 Thread Alan Buxey
Hi, > rlm_ldap: Entering ldap_groupcmp() > expand: dc=ac3,dc=com,dc=au -> dc=ac3,dc=com,dc=au > expand: > (|(&(objectClass=GroupOfNames)(member=%{control:Ldap-UserDn}))(&(objectClass=posixGroup)(memberUid=%{control:Ldap-UserDN})) > -> > (|(&(objectClass=GroupOfNames)(member=uid\

eap-tls certificates

2010-09-27 Thread Peter McEvoy
Hi. I'm in the process of setting up freeradius 2.1.9 on debian lenny/sparc. I've got everything working for eap tls with the self signed certificates that come with freeradius. This is working well for macs and some smartphones but I'm having trouble with windows machines. My research indicates th

Re: unlang post-auth group-name

2010-09-27 Thread Cameron Wood
ple\2cdc\3dac3\2cdc\3dcom\2cdc\3dau)) rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=ac3,dc=com,dc=au, with filter (&(cn=net_su)(|(&(objectClass=GroupOfNames)(member=uid\3dcameron\2cou\3dPeople\2cdc\3dac3\2cdc\3dcom\2cdc\3dau))

Re: Re: radius client / send NAS IP ?

2010-09-27 Thread Michael Arndt
Hello Alan, sorry, my fault :-) radclient saves my day, indeed I can send any attribute / value pair I like. Thanks for your help. Micha - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: unlang post-auth group-name

2010-09-27 Thread Phil Mayers
On 09/27/2010 01:09 AM, Cameron Wood wrote: Are we talking about Group-Name (which is implemented by the "unix" module and comes from /etc/group) or Ldap-Group (which is implemented by the ldap module and comes from ldap lookups)? Both implement their own == hooks so the same con